CVE-2026-32692

CVSS v3.1

7.6

High

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L

An authorization bypass vulnerability in the Vault secrets back-end implementation of Juju versions 3.1.6 through 3.6.18 allows an authenticated unit agent to perform unauthorized updates to secret revisions. With sufficient information, an attacker can poison any existing secret revision within the scope of that Vault secret back-end.

Fix

Improper Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-285

Related Identifiers

CVE-2026-32692

Affected Products

Juju

CVE-2026-32692

Weakness Enumeration

Related Identifiers

Affected Products

References · 2