VYPR

Openbao

by Openbao

CVEs (27)

  • CVE-2026-42186  (High)  May 14, 2026
    risk 0.42, cvss 7.5, epss 0.00

    OpenBao is an open source identity-based secrets management system. Prior to 2.5.3, when OpenBao's initial namespace deletion fails, subsequent retries fail to properly remove all data before marking the namespace as deleted. This can affect any outstanding leases as well as…

  • CVE-2026-45808  (High)  May 28, 2026
    risk 0.39, cvss n/a, epss 0.00

    Impact: OpenBao's namespaces provide multi-tenant separation. A tenant who intentionally leaks lease identifiers can have their lease and underlying credential revoked or renewed by a user in another tenant via the legacy, undocumented `sys/revoke` and `sys/renew` endpoints. …

  • CVE-2026-39946  (Medium)  Apr 21, 2026
    risk 0.25, cvss 4.9, epss 0.00

    OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, when OpenBao revoked privileges on a role in the PostgreSQL database secrets engine, OpenBao failed to use proper database quoting on schema names provided by PostgreSQL. This could lead…

  • CVE-2026-39396  (Low)  Apr 21, 2026
    risk 0.13, cvss 3.1, epss 0.00

    OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, `ExtractPluginFromImage()` in OpenBao's OCI plugin downloader extracts a plugin binary from a container image by streaming decompressed tar data via `io.Copy` with no upper bound on the…

  • CVE-2026-39388  (Low)  Apr 21, 2026
    risk 0.13, cvss 3.1, epss 0.00

    OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, OpenBao's Certificate authentication method, when a token renewal is requested and `disable_binding=true` is set, attempts to verify the current request's presented mTLS certificate…

  • CVE-2026-40264  (Low)  Apr 21, 2026
    risk 0.11, cvss 2.7, epss 0.00

    OpenBao is an open source identity-based secrets management system. OpenBao's namespaces provide multi-tenant separation. Prior to version 2.5.3, a tenant who leaks token accessors can have their token revoked or renewed by a privileged administrator in another tenant. This is…

  • CVE-2026-55776  Jun 19, 2026
    risk 0.00, cvss n/a, epss n/a

    On OpenBao 2.5.4 and 2.5.2 (and likely earlier versions also), an authenticated caller with write access to `transit/keys/*` can crash the OpenBao server by issuing a single key-creation request that combines an asymmetric `type` (`rsa-*`, `ecdsa-*`, `ed25519`) with `derived:…

  • CVE-2026-55775  (Low)  Jun 19, 2026
    risk 0.00, cvss n/a, epss n/a

    Summary: A user that is granted namespace management (`/sys/namespaces`) capabilities within a non-root namespace ("the victim namespace") can abuse special handling of the literal path `"root"` in namespace path canonicalization to manage the victim namespace itself. …

  • CVE-2026-55774  (Low)  Jun 19, 2026
    risk 0.00, cvss n/a, epss n/a

    Summary: OpenBao users with access to the `sys/leases/revoke/:lease_id` endpoint in any namespace can revoke leases in any other namespace as long as the lease identifier is known to them, bypassing ACLs that should apply for cross-namespace revocations. Impact: …

  • CVE-2026-55770  Jun 19, 2026
    risk 0.00, cvss n/a, epss n/a

    Description. Component: `sdk/helper/ldaputil/client.go` — the shared LDAP utility library used by both the LDAP authentication backend and OpenLDAP secrets engine to construct LDAP search filters and bind DNs. Root cause: The LDAP utility contains a function…

  • CVE-2026-46405  May 28, 2026
    risk 0.00, cvss n/a, epss 0.00

    Impact: In OpenBao's Kerberos auth method on the `GET` handler, or when an `Authorization: Negotiate` header is supplied, the response includes a `logical.Auth` object in addition to an error message. This results in tokens being created with only the default policy,…

  • CVE-2026-46358  May 28, 2026
    risk 0.00, cvss n/a, epss 0.00

    Impact: OpenBao's inline auth functionality incorrectly redacted audit log entries, resulting in non-auth headers being removed and auth-related headers being retained in cleartext. This requires an attacker to compromise access to the audit device. Operators should review…

  • CVE-2026-33758  Mar 27, 2026
    risk 0.00, cvss n/a, epss 0.00

    OpenBao is an open source identity-based secrets management system. Prior to version 2.5.2, OpenBao installations that have an OIDC/JWT authentication method enabled and a role with `callback_mode=direct` configured are vulnerable to XSS via the `error_description` parameter on…

  • CVE-2026-33757  Mar 27, 2026
    risk 0.00, cvss n/a, epss 0.00

    OpenBao is an open source identity-based secrets management system. Prior to version 2.5.2, OpenBao does not prompt for user confirmation when logging in via JWT/OIDC and a role with `callback_mode` set to `direct`. This allows an attacker to start an authentication request and…

  • CVE-2025-64761  Nov 25, 2025
    risk 0.00, cvss n/a, epss 0.00

    OpenBao is an open source identity-based secrets management system. Prior to version 2.4.4, a privileged operator could use the identity group subsystem to add a root policy to an identity group, escalating their or another user's permissions in the system. Specifically…

  • CVE-2025-62705  Oct 22, 2025
    risk 0.00, cvss n/a, epss 0.00

    OpenBao is an open source identity-based secrets management system. Prior to version 2.4.2, OpenBao's audit log did not appropriately redact fields when relevant subsystems sent []byte response parameters rather than strings. This includes, but is not limited to, sys/raw with use…

  • CVE-2025-62513  Oct 22, 2025
    risk 0.00, cvss n/a, epss 0.00

    OpenBao is an open source identity-based secrets management system. In versions 2.2.0 to 2.4.1, OpenBao's audit log experienced a regression wherein raw HTTP bodies used by a few endpoints were not correctly redacted (HMAC'd). This impacts those using the ACME functionality of…

  • CVE-2025-59043  Oct 17, 2025
    risk 0.00, cvss n/a, epss 0.01

    OpenBao is an open source identity-based secrets management system. In OpenBao versions prior to 2.4.1, JSON objects after decoding may use significantly more memory than their serialized version. It is possible to craft a JSON payload to maximize the factor between serialized…

  • CVE-2025-55003  Aug 9, 2025
    risk 0.00, cvss n/a, epss 0.00

    OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, OpenBao's Login Multi-Factor Authentication (MFA) system allows enforcing MFA using Time-based One Time Password…

  • CVE-2025-55001  Aug 9, 2025
    risk 0.00, cvss n/a, epss 0.00

    OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, OpenBao allowed the assignment of policies and MFA attribution based upon entity aliases, chosen by the…

Page 1 of 2