CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

RedhatCVE•added 2026/04/21 12:47 p.m.•3 views

CVE-2026-39388

A flaw was found in OpenBao, an open source identity-based secrets management system. When renewing tokens using the Certificate authentication method with disablebinding=true, the system incorrectly verifies the presented mTLS mutual Transport Layer Security certificate. This vulnerability allow...

3.1CVSS5.7AI score0.00101EPSS

Exploits0References2

SUSE CVE•added 2026/04/21 12:16 p.m.•3 views

SUSE CVE-2026-39388

OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, OpenBao's Certificate authentication method, when a token renewal is requested and disablebinding=true is set, attempts to verify the current request's presented mTLS certificate matches the original. Toke...

2CVSS5.7AI score0.00101EPSS

Exploits0References3

NVD•added 2026/04/21 1:16 a.m.•2 views

CVE-2026-39388

3.1CVSS0.00101EPSS

Exploits0References1

ATTACKERKB•added 2026/04/21 12:43 a.m.•1 views

CVE-2026-39388

2CVSS5.7AI score0.00101EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/04/21 12:43 a.m.•3 views

CVE-2026-39388 OpenBao's Certificate Authentication Allows Token Renewal With Different Certificate

2CVSS5.7AI score0.00101EPSS

Exploits0References1

CVE•added 2026/04/21 12:43 a.m.•12 views

CVE-2026-39388

OpenBao (open source identity-based secrets management) prior to version 2.5.3 contains a flaw in the Certificate authentication method: when a token renewal is requested with disable_binding=true, the system attempts to verify that the presented mTLS certificate matches the original. Due to inco...

3.1CVSS5.7AI score0.00101EPSS

Exploits0References1Affected Software1

AlpineLinux•added 2026/04/21 12:43 a.m.•1 views

CVE-2026-39388

3.1CVSS5.5AI score0.00101EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by