Atuin Automated Vulnerability Discovery Engine

**Name of the Vulnerable Software and Affected Versions** Vault Community Edition versions prior to 2.0.0 Vault Enterprise versions prior to 2.0.0 **Description** An unauthenticated attacker can cause a denial-of-service condition by repeatedly initiating or canceling root token generation or rekey operations. This action occupies the single in-progress operation slot, which prevents legitimate operators from completing these specific workflows. **Recommendations** Update Vault Community Edition to version 2.0.0. Update Vault Enterprise to version 2.0.0.

**Name of the Vulnerable Software and Affected Versions** Home Assistant Core versions prior to 2025.8.0 **Description** The Downloader integration does not completely validate file paths when combining them, which creates a directory traversal issue. This allows unauthorized access to files outside the intended directory. **Recommendations** Update to Home Assistant Core version 2025.8.0 or later.