PT-2026-42809

Name of the Vulnerable Software and Affected Versions OpenBao versions prior to 2.5.4 Description In the Kerberos authentication method, the GET handler or the use of an Authorization: Negotiate header causes the response to include a logical.Auth object alongside an error message. This leads to...

PT-2026-42808

Name of the Vulnerable Software and Affected Versions OpenBao versions prior to 2.5.4 Description The inline auth functionality incorrectly redacts audit log entries. This causes non-auth headers to be removed while auth-related headers are retained in cleartext. Exploitation requires an attacker...

GHSA-R65V-XGWC-G56J vulnerabilities

Vulnerabilities for packages: openbao...

GHSA-6VGR-CP5C-FFX3 vulnerabilities

Vulnerabilities for packages: openbao...

CVE-2026-39946 vulnerabilities

Vulnerabilities for packages: openbao...

GHSA-7CCV-RP6M-RFFR vulnerabilities

Vulnerabilities for packages: openbao...

CVE-2026-39388 vulnerabilities

Vulnerabilities for packages: openbao...

CVE-2026-39396 vulnerabilities

Vulnerabilities for packages: openbao...

GHSA-7CCV-RP6M-RFFR vulnerabilities

Vulnerabilities for packages: openbao...

CVE-2026-39946 vulnerabilities

Vulnerabilities for packages: openbao...

GHSA-P49J-V9WC-WG57 vulnerabilities

Vulnerabilities for packages: openbao...

GHSA-R65V-XGWC-G56J vulnerabilities

Vulnerabilities for packages: openbao...

Fedora: Security Advisory (FEDORA-2026-fba501f889)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2026-a9c2a486a6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-6b2336ec55)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-4074af998e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openbao-2.3.2-1.1 on GA media (moderate)

openbao-2.3.2-1.1 on GA media Announcement ID: openSUSE-SU-2025:15461-1 Rating: moderate Cross-References: CVE-2025-54996 CVE-2025-55000 CVE-2025-55003 CVE-2025-5999 CVE-2025-6000 CVE-2025-6004 CVE-2025-6010 CVE-2025-6011 CVE-2025-6013 CVE-2025-6014 CVE-2025-6015 CVSS scores: CVE-2025-6000 SUSE :...

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the audit subsystem when manipulating log prefixes. An attacker can execute unauthorized code and gain network access by bypassing intended restrictions on privileged API operators. Note: This is exploitable...

OPENSUSE-SU-2025:15254-1 openbao-2.3.1-1.1 on GA media

These are all security issues fixed in the openbao-2.3.1-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15186-1 openbao-2.2.2-1.1 on GA media

These are all security issues fixed in the openbao-2.2.2-1.1 package on the GA media of openSUSE Tumbleweed...