PT-2026-33397 · Hashicorp+1 · Vault Enterprise+2

Published 2026-04-16 · Updated 2026-05-29 · CVE-2026-3605

CVSS v2.0: 8.5 (High)

Vector: AV:N/AC:L/Au:S/C:N/I:C/A:C

Name of the Vulnerable Software and Affected Versions

HashiCorp Vault Community Edition versions prior to 2.0.0
HashiCorp Vault Enterprise versions prior to 1.19.16
HashiCorp Vault Enterprise versions prior to 1.20.10
HashiCorp Vault Enterprise versions prior to 2.0.0

Description

An authenticated user with access to a kvv2 path through a policy containing a glob may be able to delete secrets they were not authorized to read or write, which can lead to a denial-of-service. This issue does not allow the deletion of secrets across namespaces or the reading of secret data.

Recommendations

Update HashiCorp Vault Community Edition to version 2.0.0.
Update HashiCorp Vault Enterprise to version 1.19.16, 1.20.10, or 2.0.0.

Fix

DoS

LPE

Authentication Bypass Using an Alternate Path or Channel

Weakness Enumeration

Related Identifiers

BDU:2026-05648
BIT-VAULT-2026-3605
CVE-2026-3605
GHSA-M2W4-8GGF-RJ47
OPENSUSE-SU-2026:10594-1

Affected Products

Red Os
Vault Community Edition
Vault Enterprise