19 matches found

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2004-2767

Malware in sbrugna...

CVSS 10, AI score 9.2, EPSS 0.00419
Exploits 0, References 5

Positive Technologies
added 2025/09/05 12:00 a.m., 2 views

PT-2025-36326

Name of the Vulnerable Software and Affected Versions: Keycloak (affected versions not specified). Description: A path traversal flaw exists in Keycloak’s vault key handling on Windows. A previous fix for a related issue did not account for the Windows file separator, allowing a high-privilege...

CVSS 2.7, AI score 3.8
Exploits 0, References 6

Vulnrichment
added 2025/08/06 10:06 a.m., 2 views

CVE-2025-6013 Vault LDAP MFA Enforcement Bypass When Using Username As Alias

Vault and Vault Enterprise’s (“Vault”) ldap auth method may not have correctly enforced MFA if username_as_alias was set to true and a user had multiple CNs that are equal but with leading or trailing spaces. Fixed in Vault Community Edition 1.20.2 and Vault Enterprise 1.20.2, 1.19.8, 1.18.13, and...

CVSS 6.5, AI score 6.4, EPSS 0.00163
Exploits 0, References 1

OSV
added 2025/08/05 8:53 a.m., 7 views

BIT-VAULT-2025-6015 Vault Login MFA Bypass of Rate Limiting and TOTP Code Reuse

Vault and Vault Enterprise’s “Vault” login MFA rate limits could be bypassed and TOTP tokens could be reused. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23...

CVSS 5.7, AI score 6.2, EPSS 0.00072
Exploits 0, References 2

OSV
added 2025/08/05 8:52 a.m., 4 views

BIT-VAULT-2025-6011 Timing Side-Channel in Vault’s Userpass Auth Method

A timing side channel in Vault and Vault Enterprise’s “Vault” userpass auth method allowed an attacker to distinguish between existing and non-existing users, and potentially enumerate valid usernames for Vault’s Userpass auth method. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise...

CVSS 3.7, AI score 6.2, EPSS 0.00123
Exploits 0, References 2

OSV
added 2025/08/01 6:31 p.m., 2 views

GHSA-6C5R-4WFC-3MCX Hashicorp Vault has Incorrect Validation for Non-CA Certificates

Vault and Vault Enterprise (“Vault”) TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as trusted certificate (https://developer.hashicorp.com/vault/api-docs/auth/certcertificate). In this configuration, an attacker may be able to...

CVSS 6.8, AI score 5.9, EPSS 0.00201
Exploits 0, References 3

NVD
added 2025/08/01 6:15 p.m., 4 views

CVE-2025-6037

Vault and Vault Enterprise (“Vault”) TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as trusted certificate (https://developer.hashicorp.com/vault/api-docs/auth/certcertificate). In this configuration, an attacker may be able to...

CVSS 6.8, EPSS 0.00201
Exploits 0, References 1

NVD
added 2025/08/01 6:15 p.m., 4 views

CVE-2025-6011

A timing side channel in Vault and Vault Enterprise’s “Vault” userpass auth method allowed an attacker to distinguish between existing and non-existing users, and potentially enumerate valid usernames for Vault’s Userpass auth method. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise...

CVSS 3.7, EPSS 0.00123
Exploits 0, References 1

Cvelist
added 2025/08/01 5:56 p.m., 5 views

CVE-2025-6004 Vault Userpass and LDAP User Lockout Bypass

Vault and Vault Enterprise’s “Vault” user lockout feature could be bypassed for Userpass and LDAP authentication methods. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23...

CVSS 5.3, EPSS 0.00146
Exploits 0, References 1

Vulnrichment
added 2025/08/01 5:56 p.m., 2 views

CVE-2025-6004 Vault Userpass and LDAP User Lockout Bypass

Vault and Vault Enterprise’s “Vault” user lockout feature could be bypassed for Userpass and LDAP authentication methods. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23...

CVSS 5.3, AI score 6.8, EPSS 0.00146
Exploits 0, References 1

Cvelist
added 2025/08/01 5:52 p.m., 10 views

CVE-2025-6037 Vault Certificate Auth Method Did Not Validate Common Name For Non-CA Certificates

Vault and Vault Enterprise (“Vault”) TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as trusted certificate (https://developer.hashicorp.com/vault/api-docs/auth/certcertificate). In this configuration, an attacker may be able to...

CVSS 6.8, EPSS 0.00201
Exploits 0, References 1

CVE
added 2025/08/01 5:52 p.m., 26 views

CVE-2025-6037

CVE-2025-6037: HashiCorp Vault and Vault Enterprise TLS certificate authentication failed to validate client certificates when configured with non-CA certificates as trusted, potentially allowing impersonation. Affected products: Vault Community Edition and Vault Enterprise; root cause: incorrect...

CVSS 6.8, AI score 6.9, EPSS 0.00201
Exploits 0, References 1, Affected Software 1

Positive Technologies
added 2025/08/01 12:00 a.m., 3 views

PT-2025-31679

Name of the Vulnerable Software and Affected Versions: Vault versions prior to 1.20.1; Vault Enterprise versions prior to 1.20.1; Vault Enterprise version 1.19.7; Vault Enterprise version 1.18.12; Vault Enterprise version 1.16.23. Description: A timing side channel in the userpass authentication method...

CVSS 9.1, AI score 6.6, EPSS 0.00588
Exploits 0, References 34

RedhatCVE
added 2025/05/23 6:38 a.m., 2 views

CVE-2024-52941

An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24695. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting (XSS) while viewing archived content. This could reflect back to an authenticated user...

CVSS 5.4, AI score 5.8, EPSS 0.00123
Exploits 0, References 1

RedhatCVE
added 2025/05/22 10:07 a.m., 3 views

CVE-2019-13380

KEYNTO Team Password Manager 1.5.0 allows XSS because data saved from websites is mishandled in the online vault...

CVSS 6.1, AI score 6, EPSS 0.0024
Exploits 0, References 1

Vulnrichment
added 2025/05/02 4:15 p.m., 7 views

CVE-2025-3879 Vault’s Azure Authentication Method bound_location Restriction Could be Bypassed on Login

Vault Community, Vault Enterprise (“Vault”) Azure Auth method did not correctly validate the claims in the Azure-issued token, resulting in the potential bypass of the bound_locations parameter on login. Fixed in Vault Community Edition 1.19.1 and Vault Enterprise 1.19.1, 1.18.7, 1.17.14, 1.16.18...

CVSS 6.6, AI score 6.5, EPSS 0.00228
Exploits 0, References 1

Tenable Nessus
added 2025/02/26 12:00 a.m., 13 views

Amazon Linux 2023 : ansible-core, ansible-test (ALAS2023-2025-846)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-846 advisory. A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as include_vars to...

CVSS 5.5, AI score 6.7, EPSS 0.00037
Exploits 0, References 4

Cvelist
added 2023/06/20 4:19 p.m., 14 views

CVE-2023-2400

Improper deletion of resource in the user management feature in Devolutions Server 2023.1.8 and earlier allows an administrator to view users vaults of deleted users via database access...

AI score 4.1, EPSS 0.00134
Exploits 0, References 1

Code423n4
added 2021/09/15 12:00 a.m., 3 views

Vault: Withdrawals can be frontrun to cause users to burn tokens without receiving funds in return

Handle: hickuphh3
Vulnerability details
Impact: Let us assume either of the following cases:
1. The vault / protocol is to be wound down or migrated, where either the protocol is halted and withdrawAll has been called on all active strategies to transfer funds into the vault.
2. There are 0...

AI score 6.8
Exploits 0