PT-2026-37215 · Unknown · Vaultwarden

Dorakemon · Published 2026-05-05 · Updated 2026-05-06 · CVE-2026-31835

CVSS v3.1: 5.4 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Name of the Vulnerable Software and Affected Versions
Vaultwarden versions prior to 1.35.5

Description
The WebAuthn authentication flow in the validate_webauthn_login() function updates persistent credential metadata, specifically the backup-eligible and backup-state flags, using unverified authenticatorData before signature validation occurs. An attacker who possesses a user's password can permanently modify these stored backup flags even without a valid WebAuthn signature, because the database updates are not rolled back when signature verification fails. The result is a persistent denial of service of WebAuthn two-factor authentication for the affected credentials.

Recommendations
Update to version 1.35.5.
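As an added illustration of the ordering flaw described above, and not Vaultwarden's own code, the following Rust model shows a login flow that persists the backup-eligible and backup-state flags from authenticatorData before the assertion signature is checked, beside the corrected flow that verifies first. The credential record, the `verify` callback and the sample authenticatorData are stand-ins; only the BE/BS bit positions and the authenticatorData layout come from the WebAuthn specification.

```rust
/// Persistent credential metadata (assumed shape, not Vaultwarden's schema).
#[derive(Clone, Debug, PartialEq)]
pub struct StoredCredential {
    pub backup_eligible: bool,
    pub backup_state: bool,
}

// Bits of the WebAuthn authenticatorData flags byte.
const FLAG_BE: u8 = 0x08; // backup eligible
const FLAG_BS: u8 = 0x10; // backup state

/// Extract BE/BS from authenticatorData: rpIdHash (32 bytes), flags (1), signCount (4).
pub fn backup_flags(auth_data: &[u8]) -> Option<(bool, bool)> {
    if auth_data.len() < 37 {
        return None;
    }
    let flags = auth_data[32];
    Some(((flags & FLAG_BE) != 0, (flags & FLAG_BS) != 0))
}

/// Vulnerable order: the flags are written to the record before the signature
/// is checked, and a failed check does not undo the write. `verify` stands in
/// for assertion-signature verification over (auth_data, signature).
pub fn login_vulnerable(cred: &mut StoredCredential, auth_data: &[u8], sig: &[u8],
                        verify: &dyn Fn(&[u8], &[u8]) -> bool) -> bool {
    let (be, bs) = match backup_flags(auth_data) { Some(f) => f, None => return false };
    cred.backup_eligible = be; // persisted from unverified input
    cred.backup_state = bs;
    verify(auth_data, sig) // too late: the record has already changed
}

/// Fixed order: the record is left untouched until the signature verifies.
pub fn login_fixed(cred: &mut StoredCredential, auth_data: &[u8], sig: &[u8],
                   verify: &dyn Fn(&[u8], &[u8]) -> bool) -> bool {
    let (be, bs) = match backup_flags(auth_data) { Some(f) => f, None => return false };
    if !verify(auth_data, sig) {
        return false;
    }
    cred.backup_eligible = be;
    cred.backup_state = bs;
    true
}
```

A real implementation also checks the signature counter and rpIdHash before touching stored state; the point here is only that every write to the credential record must follow a successful verification.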

Weakness Enumeration
Insufficient Verification of Data Authenticity

Related Identifiers
CVE-2026-31835

Affected Products

Vaultwarden