OPENSUSE-SU-2026:10594-1 - Vulnerability-Lookup

OPENSUSE-SU-2026:10594-1

Vulnerability from csaf_opensuse - Published: 2026-04-21 00:00 - Updated: 2026-04-21 00:00

Summary

openbao-2.5.3-1.1 on GA media

Severity

Moderate

Notes

Title of the patch: openbao-2.5.3-1.1 on GA media

Description of the patch: These are all security issues fixed in the openbao-2.5.3-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2026-10594

Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

CVE-2026-3605

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2026-39388

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2026-39396

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2026-39946

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2026-40264

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2026-5807

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

References

URL

Category

	https://www.suse.com/support/security/rating/	external
	https://ftp.suse.com/pub/projects/security/csaf/o…	self
	https://www.suse.com/security/cve/CVE-2026-3605/	self
	https://www.suse.com/security/cve/CVE-2026-39388/	self
	https://www.suse.com/security/cve/CVE-2026-39396/	self
	https://www.suse.com/security/cve/CVE-2026-39946/	self
	https://www.suse.com/security/cve/CVE-2026-40264/	self
	https://www.suse.com/security/cve/CVE-2026-5807/	self
	https://www.suse.com/security/cve/CVE-2026-3605	external
	https://www.suse.com/security/cve/CVE-2026-39388	external
	https://bugzilla.suse.com/1262419	external
	https://www.suse.com/security/cve/CVE-2026-39396	external
	https://bugzilla.suse.com/1262420	external
	https://www.suse.com/security/cve/CVE-2026-39946	external
	https://bugzilla.suse.com/1262421	external
	https://www.suse.com/security/cve/CVE-2026-40264	external
	https://bugzilla.suse.com/1262422	external
	https://www.suse.com/security/cve/CVE-2026-5807	external

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "openbao-2.5.3-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the openbao-2.5.3-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2026-10594",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10594-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-3605 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-3605/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-39388 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-39388/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-39396 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-39396/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-39946 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-39946/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-40264 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-40264/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-5807 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-5807/"
      }
    ],
    "title": "openbao-2.5.3-1.1 on GA media",
    "tracking": {
      "current_release_date": "2026-04-21T00:00:00Z",
      "generator": {
        "date": "2026-04-21T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2026:10594-1",
      "initial_release_date": "2026-04-21T00:00:00Z",
      "revision_history": [
        {
          "date": "2026-04-21T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openbao-2.5.3-1.1.aarch64",
                "product": {
                  "name": "openbao-2.5.3-1.1.aarch64",
                  "product_id": "openbao-2.5.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-agent-2.5.3-1.1.aarch64",
                "product": {
                  "name": "openbao-agent-2.5.3-1.1.aarch64",
                  "product_id": "openbao-agent-2.5.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-cassandra-database-plugin-2.5.3-1.1.aarch64",
                "product": {
                  "name": "openbao-cassandra-database-plugin-2.5.3-1.1.aarch64",
                  "product_id": "openbao-cassandra-database-plugin-2.5.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-influxdb-database-plugin-2.5.3-1.1.aarch64",
                "product": {
                  "name": "openbao-influxdb-database-plugin-2.5.3-1.1.aarch64",
                  "product_id": "openbao-influxdb-database-plugin-2.5.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-mysql-database-plugin-2.5.3-1.1.aarch64",
                "product": {
                  "name": "openbao-mysql-database-plugin-2.5.3-1.1.aarch64",
                  "product_id": "openbao-mysql-database-plugin-2.5.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-mysql-legacy-database-plugin-2.5.3-1.1.aarch64",
                "product": {
                  "name": "openbao-mysql-legacy-database-plugin-2.5.3-1.1.aarch64",
                  "product_id": "openbao-mysql-legacy-database-plugin-2.5.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-postgresql-database-plugin-2.5.3-1.1.aarch64",
                "product": {
                  "name": "openbao-postgresql-database-plugin-2.5.3-1.1.aarch64",
                  "product_id": "openbao-postgresql-database-plugin-2.5.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-server-2.5.3-1.1.aarch64",
                "product": {
                  "name": "openbao-server-2.5.3-1.1.aarch64",
                  "product_id": "openbao-server-2.5.3-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openbao-2.5.3-1.1.ppc64le",
                "product": {
                  "name": "openbao-2.5.3-1.1.ppc64le",
                  "product_id": "openbao-2.5.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-agent-2.5.3-1.1.ppc64le",
                "product": {
                  "name": "openbao-agent-2.5.3-1.1.ppc64le",
                  "product_id": "openbao-agent-2.5.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-cassandra-database-plugin-2.5.3-1.1.ppc64le",
                "product": {
                  "name": "openbao-cassandra-database-plugin-2.5.3-1.1.ppc64le",
                  "product_id": "openbao-cassandra-database-plugin-2.5.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-influxdb-database-plugin-2.5.3-1.1.ppc64le",
                "product": {
                  "name": "openbao-influxdb-database-plugin-2.5.3-1.1.ppc64le",
                  "product_id": "openbao-influxdb-database-plugin-2.5.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-mysql-database-plugin-2.5.3-1.1.ppc64le",
                "product": {
                  "name": "openbao-mysql-database-plugin-2.5.3-1.1.ppc64le",
                  "product_id": "openbao-mysql-database-plugin-2.5.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-mysql-legacy-database-plugin-2.5.3-1.1.ppc64le",
                "product": {
                  "name": "openbao-mysql-legacy-database-plugin-2.5.3-1.1.ppc64le",
                  "product_id": "openbao-mysql-legacy-database-plugin-2.5.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-postgresql-database-plugin-2.5.3-1.1.ppc64le",
                "product": {
                  "name": "openbao-postgresql-database-plugin-2.5.3-1.1.ppc64le",
                  "product_id": "openbao-postgresql-database-plugin-2.5.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-server-2.5.3-1.1.ppc64le",
                "product": {
                  "name": "openbao-server-2.5.3-1.1.ppc64le",
                  "product_id": "openbao-server-2.5.3-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openbao-2.5.3-1.1.s390x",
                "product": {
                  "name": "openbao-2.5.3-1.1.s390x",
                  "product_id": "openbao-2.5.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-agent-2.5.3-1.1.s390x",
                "product": {
                  "name": "openbao-agent-2.5.3-1.1.s390x",
                  "product_id": "openbao-agent-2.5.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-cassandra-database-plugin-2.5.3-1.1.s390x",
                "product": {
                  "name": "openbao-cassandra-database-plugin-2.5.3-1.1.s390x",
                  "product_id": "openbao-cassandra-database-plugin-2.5.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-influxdb-database-plugin-2.5.3-1.1.s390x",
                "product": {
                  "name": "openbao-influxdb-database-plugin-2.5.3-1.1.s390x",
                  "product_id": "openbao-influxdb-database-plugin-2.5.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-mysql-database-plugin-2.5.3-1.1.s390x",
                "product": {
                  "name": "openbao-mysql-database-plugin-2.5.3-1.1.s390x",
                  "product_id": "openbao-mysql-database-plugin-2.5.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-mysql-legacy-database-plugin-2.5.3-1.1.s390x",
                "product": {
                  "name": "openbao-mysql-legacy-database-plugin-2.5.3-1.1.s390x",
                  "product_id": "openbao-mysql-legacy-database-plugin-2.5.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-postgresql-database-plugin-2.5.3-1.1.s390x",
                "product": {
                  "name": "openbao-postgresql-database-plugin-2.5.3-1.1.s390x",
                  "product_id": "openbao-postgresql-database-plugin-2.5.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-server-2.5.3-1.1.s390x",
                "product": {
                  "name": "openbao-server-2.5.3-1.1.s390x",
                  "product_id": "openbao-server-2.5.3-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openbao-2.5.3-1.1.x86_64",
                "product": {
                  "name": "openbao-2.5.3-1.1.x86_64",
                  "product_id": "openbao-2.5.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-agent-2.5.3-1.1.x86_64",
                "product": {
                  "name": "openbao-agent-2.5.3-1.1.x86_64",
                  "product_id": "openbao-agent-2.5.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-cassandra-database-plugin-2.5.3-1.1.x86_64",
                "product": {
                  "name": "openbao-cassandra-database-plugin-2.5.3-1.1.x86_64",
                  "product_id": "openbao-cassandra-database-plugin-2.5.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-influxdb-database-plugin-2.5.3-1.1.x86_64",
                "product": {
                  "name": "openbao-influxdb-database-plugin-2.5.3-1.1.x86_64",
                  "product_id": "openbao-influxdb-database-plugin-2.5.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-mysql-database-plugin-2.5.3-1.1.x86_64",
                "product": {
                  "name": "openbao-mysql-database-plugin-2.5.3-1.1.x86_64",
                  "product_id": "openbao-mysql-database-plugin-2.5.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-mysql-legacy-database-plugin-2.5.3-1.1.x86_64",
                "product": {
                  "name": "openbao-mysql-legacy-database-plugin-2.5.3-1.1.x86_64",
                  "product_id": "openbao-mysql-legacy-database-plugin-2.5.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-postgresql-database-plugin-2.5.3-1.1.x86_64",
                "product": {
                  "name": "openbao-postgresql-database-plugin-2.5.3-1.1.x86_64",
                  "product_id": "openbao-postgresql-database-plugin-2.5.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openbao-server-2.5.3-1.1.x86_64",
                "product": {
                  "name": "openbao-server-2.5.3-1.1.x86_64",
                  "product_id": "openbao-server-2.5.3-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-2.5.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-2.5.3-1.1.aarch64"
        },
        "product_reference": "openbao-2.5.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-2.5.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-2.5.3-1.1.ppc64le"
        },
        "product_reference": "openbao-2.5.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-2.5.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-2.5.3-1.1.s390x"
        },
        "product_reference": "openbao-2.5.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-2.5.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-2.5.3-1.1.x86_64"
        },
        "product_reference": "openbao-2.5.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-agent-2.5.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.aarch64"
        },
        "product_reference": "openbao-agent-2.5.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-agent-2.5.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.ppc64le"
        },
        "product_reference": "openbao-agent-2.5.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-agent-2.5.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.s390x"
        },
        "product_reference": "openbao-agent-2.5.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-agent-2.5.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.x86_64"
        },
        "product_reference": "openbao-agent-2.5.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-cassandra-database-plugin-2.5.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.aarch64"
        },
        "product_reference": "openbao-cassandra-database-plugin-2.5.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-cassandra-database-plugin-2.5.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.ppc64le"
        },
        "product_reference": "openbao-cassandra-database-plugin-2.5.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-cassandra-database-plugin-2.5.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.s390x"
        },
        "product_reference": "openbao-cassandra-database-plugin-2.5.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-cassandra-database-plugin-2.5.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.x86_64"
        },
        "product_reference": "openbao-cassandra-database-plugin-2.5.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-influxdb-database-plugin-2.5.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.aarch64"
        },
        "product_reference": "openbao-influxdb-database-plugin-2.5.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-influxdb-database-plugin-2.5.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.ppc64le"
        },
        "product_reference": "openbao-influxdb-database-plugin-2.5.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-influxdb-database-plugin-2.5.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.s390x"
        },
        "product_reference": "openbao-influxdb-database-plugin-2.5.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-influxdb-database-plugin-2.5.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.x86_64"
        },
        "product_reference": "openbao-influxdb-database-plugin-2.5.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-mysql-database-plugin-2.5.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.aarch64"
        },
        "product_reference": "openbao-mysql-database-plugin-2.5.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-mysql-database-plugin-2.5.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.ppc64le"
        },
        "product_reference": "openbao-mysql-database-plugin-2.5.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-mysql-database-plugin-2.5.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.s390x"
        },
        "product_reference": "openbao-mysql-database-plugin-2.5.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-mysql-database-plugin-2.5.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.x86_64"
        },
        "product_reference": "openbao-mysql-database-plugin-2.5.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-mysql-legacy-database-plugin-2.5.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.aarch64"
        },
        "product_reference": "openbao-mysql-legacy-database-plugin-2.5.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-mysql-legacy-database-plugin-2.5.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.ppc64le"
        },
        "product_reference": "openbao-mysql-legacy-database-plugin-2.5.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-mysql-legacy-database-plugin-2.5.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.s390x"
        },
        "product_reference": "openbao-mysql-legacy-database-plugin-2.5.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-mysql-legacy-database-plugin-2.5.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.x86_64"
        },
        "product_reference": "openbao-mysql-legacy-database-plugin-2.5.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-postgresql-database-plugin-2.5.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.aarch64"
        },
        "product_reference": "openbao-postgresql-database-plugin-2.5.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-postgresql-database-plugin-2.5.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.ppc64le"
        },
        "product_reference": "openbao-postgresql-database-plugin-2.5.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-postgresql-database-plugin-2.5.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.s390x"
        },
        "product_reference": "openbao-postgresql-database-plugin-2.5.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-postgresql-database-plugin-2.5.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.x86_64"
        },
        "product_reference": "openbao-postgresql-database-plugin-2.5.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-server-2.5.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.aarch64"
        },
        "product_reference": "openbao-server-2.5.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-server-2.5.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.ppc64le"
        },
        "product_reference": "openbao-server-2.5.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-server-2.5.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.s390x"
        },
        "product_reference": "openbao-server-2.5.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openbao-server-2.5.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.x86_64"
        },
        "product_reference": "openbao-server-2.5.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-3605",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-3605"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An authenticated user with access to a kvv2 path through a policy containing a glob may be able to delete secrets they were not authorized to read or write, resulting in denial-of-service. This vulnerability did not allow a malicious user to delete secrets across namespaces, nor read any secret data. Fxed in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0, 1.21.5, 1.20.10, and 1.19.16.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-3605",
          "url": "https://www.suse.com/security/cve/CVE-2026-3605"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-04-21T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-3605"
    },
    {
      "cve": "CVE-2026-39388",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-39388"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, OpenBao\u0027s Certificate authentication method, when a token renewal is requested and `disable_binding=true` is set, attempts to verify the current request\u0027s presented mTLS certificate matches the original. Token renewals for other authentication methods do not require any supplied login information. Due to incorrect matching, the certificate authentication method would allow renewal of tokens for which the attacker had a sibling certificate+key signed by the same CA, but which did not necessarily match the original role or the originally supplied certificate. This implies an attacker could still authenticate to OpenBao in a similar scope, however, token renewal implies that an attacker may be able to extend the lifetime of dynamic leases held by the original token. This attack requires knowledge of either the original token or its accessor. This vulnerability is original from HashiCorp Vault. This is addressed in v2.5.3. As a workaround, ensure privileged roles are tightly scoped to single certificates.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-39388",
          "url": "https://www.suse.com/security/cve/CVE-2026-39388"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1262419 for CVE-2026-39388",
          "url": "https://bugzilla.suse.com/1262419"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-04-21T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-39388"
    },
    {
      "cve": "CVE-2026-39396",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-39396"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, `ExtractPluginFromImage()` in OpenBao\u0027s OCI plugin downloader extracts a plugin binary from a container image by streaming decompressed tar data via `io.Copy` with no upper bound on the number of bytes written. An attacker who controls or compromises the OCI registry referenced in the victim\u0027s configuration can serve a crafted image containing a decompression bomb that decompresses to an arbitrarily large file. The SHA256 integrity check occurs after the full file is written to disk, meaning the hash mismatch is detected only after the damage (disk exhaustion) has already occurred. This allow the attacker to replace **legit plugin image** with no need to change its signature. Version 2.5.3 contains a patch.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-39396",
          "url": "https://www.suse.com/security/cve/CVE-2026-39396"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1262420 for CVE-2026-39396",
          "url": "https://bugzilla.suse.com/1262420"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-04-21T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2026-39396"
    },
    {
      "cve": "CVE-2026-39946",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-39946"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, when OpenBao revoked privileges on a role in the PostgreSQL database secrets engine, OpenBao failed to use proper database quoting on schema names provided by PostgreSQL. This could lead to role revocation failures, or more rarely, SQL injection as the management user. This vulnerability was original from HashiCorp Vault. The vulnerability is addressed in v2.5.3. As a workaround, audit table schemas and ensure database users cannot create new schemas and grant privileges on them.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-39946",
          "url": "https://www.suse.com/security/cve/CVE-2026-39946"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1262421 for CVE-2026-39946",
          "url": "https://bugzilla.suse.com/1262421"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-04-21T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-39946"
    },
    {
      "cve": "CVE-2026-40264",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-40264"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "OpenBao is an open source identity-based secrets management system. OpenBao\u0027s namespaces provide multi-tenant separation. Prior to version 2.5.3, a tenant who leaks token accessors can have their token revoked or renewed by a privileged administrator in another tenant. This is addressed in v2.5.3.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-40264",
          "url": "https://www.suse.com/security/cve/CVE-2026-40264"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1262422 for CVE-2026-40264",
          "url": "https://bugzilla.suse.com/1262422"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-04-21T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2026-40264"
    },
    {
      "cve": "CVE-2026-5807",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-5807"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This vulnerability, CVE-2026-5807, is fixed in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.x86_64",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.aarch64",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.s390x",
          "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-5807",
          "url": "https://www.suse.com/security/cve/CVE-2026-5807"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-agent-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-cassandra-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-influxdb-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-mysql-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-mysql-legacy-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-postgresql-database-plugin-2.5.3-1.1.x86_64",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.aarch64",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.s390x",
            "openSUSE Tumbleweed:openbao-server-2.5.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-04-21T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-5807"
    }
  ]
}

CVE-2026-39946 (GCVE-0-2026-39946)

Vulnerability from cvelistv5 – Published: 2026-04-21 00:19 – Updated: 2026-04-21 13:34

Title

OpenBao allows SQL Injection in PostgreSQL database secrets engine

Summary

OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, when OpenBao revoked privileges on a role in the PostgreSQL database secrets engine, OpenBao failed to use proper database quoting on schema names provided by PostgreSQL. This could lead to role revocation failures, or more rarely, SQL injection as the management user. This vulnerability was original from HashiCorp Vault. The vulnerability is addressed in v2.5.3. As a workaround, audit table schemas and ensure database users cannot create new schemas and grant privileges on them.

Severity ?

4.6 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N

CWE

CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Assigner

GitHub_M

References

URL

Tags

https://github.com/openbao/openbao/security/advis…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	openbao	openbao	Affected: < 2.5.3

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-39946",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-21T13:34:12.690431Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-21T13:34:21.088Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "openbao",
          "vendor": "openbao",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.5.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, when OpenBao revoked privileges on a role in the PostgreSQL database secrets engine, OpenBao failed to use proper database quoting on schema names provided by PostgreSQL. This could lead to role revocation failures, or more rarely, SQL injection as the management user. This vulnerability was original from HashiCorp Vault. The vulnerability is addressed in v2.5.3. As a workaround, audit table schemas and ensure database users cannot create new schemas and grant privileges on them."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-21T00:19:39.578Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/openbao/openbao/security/advisories/GHSA-6vgr-cp5c-ffx3",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/openbao/openbao/security/advisories/GHSA-6vgr-cp5c-ffx3"
        }
      ],
      "source": {
        "advisory": "GHSA-6vgr-cp5c-ffx3",
        "discovery": "UNKNOWN"
      },
      "title": "OpenBao allows SQL Injection in PostgreSQL database secrets engine"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-39946",
    "datePublished": "2026-04-21T00:19:39.578Z",
    "dateReserved": "2026-04-07T22:40:33.821Z",
    "dateUpdated": "2026-04-21T13:34:21.088Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-5807 (GCVE-0-2026-5807)

Vulnerability from cvelistv5 – Published: 2026-04-17 03:22 – Updated: 2026-04-17 17:57

Title

Vault Vulnerable to Denial-of-Service via Unauthenticated Root Token Generation/Rekey Operations

Summary

Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This vulnerability, CVE-2026-5807, is fixed in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-770 - Allocation of Resources Without Limits or Throttling

Assigner

HashiCorp

References

URL

Tags

https://discuss.hashicorp.com/t/hcsec-2026-08-vau…

Impacted products

Vendor

Product

Version

Affected: 0 , < 2.0.0 (semver)

Vault Enterprise

Affected: 0 , < 2.0.0. (semver)

Credits

This issue was identified by XlabAI Team of Tencent Xuanwu Lab and the Atuin Automated Vulnerability Discovery Engine who reported it to HashiCorp.

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-5807",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-17T13:18:46.561122Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-17T13:19:07.594Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "64 bit",
            "32 bit",
            "x86",
            "ARM",
            "MacOS",
            "Windows",
            "Linux"
          ],
          "product": "Vault",
          "repo": "https://github.com/hashicorp/vault",
          "vendor": "HashiCorp",
          "versions": [
            {
              "lessThan": "2.0.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "64 bit",
            "32 bit",
            "x86",
            "ARM",
            "MacOS",
            "Windows",
            "Linux"
          ],
          "product": "Vault Enterprise",
          "repo": "https://github.com/hashicorp/vault",
          "vendor": "HashiCorp",
          "versions": [
            {
              "lessThan": "2.0.0.",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was identified by XlabAI Team of Tencent Xuanwu Lab and the Atuin Automated Vulnerability Discovery Engine who reported it to HashiCorp."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eVault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This vulnerability, CVE-2026-5807, is fixed in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0.\u003c/p\u003e\u003cbr/\u003e"
            }
          ],
          "value": "Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This vulnerability, CVE-2026-5807, is fixed in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-125",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-125: Flooding"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-17T17:57:55.504Z",
        "orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
        "shortName": "HashiCorp"
      },
      "references": [
        {
          "url": "https://discuss.hashicorp.com/t/hcsec-2026-08-vault-vulnerable-to-denial-of-service-via-unauthenticated-root-token-generation-rekey-operations/77345"
        }
      ],
      "source": {
        "advisory": "HCSEC-2026-08",
        "discovery": "EXTERNAL"
      },
      "title": "Vault Vulnerable to Denial-of-Service via Unauthenticated Root Token Generation/Rekey Operations"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
    "assignerShortName": "HashiCorp",
    "cveId": "CVE-2026-5807",
    "datePublished": "2026-04-17T03:22:13.816Z",
    "dateReserved": "2026-04-08T14:43:57.845Z",
    "dateUpdated": "2026-04-17T17:57:55.504Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-39388 (GCVE-0-2026-39388)

Vulnerability from cvelistv5 – Published: 2026-04-21 00:43 – Updated: 2026-04-21 19:36

Title

OpenBao's Certificate Authentication Allows Token Renewal With Different Certificate

Summary

OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, OpenBao's Certificate authentication method, when a token renewal is requested and `disable_binding=true` is set, attempts to verify the current request's presented mTLS certificate matches the original. Token renewals for other authentication methods do not require any supplied login information. Due to incorrect matching, the certificate authentication method would allow renewal of tokens for which the attacker had a sibling certificate+key signed by the same CA, but which did not necessarily match the original role or the originally supplied certificate. This implies an attacker could still authenticate to OpenBao in a similar scope, however, token renewal implies that an attacker may be able to extend the lifetime of dynamic leases held by the original token. This attack requires knowledge of either the original token or its accessor. This vulnerability is original from HashiCorp Vault. This is addressed in v2.5.3. As a workaround, ensure privileged roles are tightly scoped to single certificates.

Severity ?

2 (Low)


                        
                          CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

CWE

CWE-295 - Improper Certificate Validation

Assigner

GitHub_M

References

URL

Tags

https://github.com/openbao/openbao/security/advis…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	openbao	openbao	Affected: < 2.5.3

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-39388",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-21T19:35:56.012388Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-21T19:36:07.865Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "openbao",
          "vendor": "openbao",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.5.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, OpenBao\u0027s Certificate authentication method, when a token renewal is requested and `disable_binding=true` is set, attempts to verify the current request\u0027s presented mTLS certificate matches the original. Token renewals for other authentication methods do not require any supplied login information. Due to incorrect matching, the certificate authentication method would allow renewal of tokens for which the attacker had a sibling certificate+key signed by the same CA, but which did not necessarily match the original role or the originally supplied certificate. This implies an attacker could still authenticate to OpenBao in a similar scope, however, token renewal implies that an attacker may be able to extend the lifetime of dynamic leases held by the original token. This attack requires knowledge of either the original token or its accessor. This vulnerability is original from HashiCorp Vault. This is addressed in v2.5.3. As a workaround, ensure privileged roles are tightly scoped to single certificates."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 2,
            "baseSeverity": "LOW",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "PASSIVE",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "CWE-295: Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-21T00:43:22.920Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/openbao/openbao/security/advisories/GHSA-7ccv-rp6m-rffr",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/openbao/openbao/security/advisories/GHSA-7ccv-rp6m-rffr"
        }
      ],
      "source": {
        "advisory": "GHSA-7ccv-rp6m-rffr",
        "discovery": "UNKNOWN"
      },
      "title": "OpenBao\u0027s Certificate Authentication Allows Token Renewal With Different Certificate"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-39388",
    "datePublished": "2026-04-21T00:43:22.920Z",
    "dateReserved": "2026-04-06T22:06:40.515Z",
    "dateUpdated": "2026-04-21T19:36:07.865Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-3605 (GCVE-0-2026-3605)

Vulnerability from cvelistv5 – Published: 2026-04-17 02:44 – Updated: 2026-04-17 17:57

Title

Vault KVv2 Metadata and Secret Deletion Policy Bypass Denial-of-Service

Summary

An authenticated user with access to a kvv2 path through a policy containing a glob may be able to delete secrets they were not authorized to read or write, resulting in denial-of-service. This vulnerability did not allow a malicious user to delete secrets across namespaces, nor read any secret data. Fxed in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0, 1.21.5, 1.20.10, and 1.19.16.

Severity ?

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CWE

CWE-288 - Authentication Bypass Using an Alternate Path or Channel

Assigner

HashiCorp

References

URL

Tags

https://discuss.hashicorp.com/t/hcsec-2026-05-vau…

Impacted products

Vendor

Product

Version

Affected: 0.10.0 , < 2.0.0 (semver)

Vault Enterprise

Affected: 0.10.0 , < 2.0.0 (semver)

Credits

This issue was independently identified and reported by chungkn from OneMount Group, as well as Andy RUSSON et Gabriel DEPARTOUT from almond.eu , sponsored the ANSSI (French Cybersecurity Agency) open-source security audit program.

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-3605",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-17T13:20:23.015074Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-17T13:20:28.557Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "64 bit",
            "32 bit",
            "x86",
            "ARM",
            "MacOS",
            "Windows",
            "Linux"
          ],
          "product": "Vault",
          "repo": "https://github.com/hashicorp/vault",
          "vendor": "HashiCorp",
          "versions": [
            {
              "lessThan": "2.0.0",
              "status": "affected",
              "version": "0.10.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "64 bit",
            "32 bit",
            "x86",
            "ARM",
            "MacOS",
            "Windows",
            "Linux"
          ],
          "product": "Vault Enterprise",
          "repo": "https://github.com/hashicorp/vault",
          "vendor": "HashiCorp",
          "versions": [
            {
              "changes": [
                {
                  "at": "1.19.16",
                  "status": "unaffected"
                },
                {
                  "at": "1.20.10",
                  "status": "unaffected"
                },
                {
                  "at": "1.21.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "2.0.0",
              "status": "affected",
              "version": "0.10.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was independently identified and reported by chungkn from OneMount Group, as well as Andy RUSSON et Gabriel DEPARTOUT from almond.eu , sponsored the ANSSI (French Cybersecurity Agency) open-source security audit program."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAn authenticated user with access to a kvv2 path through a policy containing a glob may be able to delete secrets they were not authorized to read or write, resulting in denial-of-service. This vulnerability did not allow a malicious user to delete secrets across namespaces, nor read any secret data. Fxed in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0, 1.21.5, 1.20.10, and 1.19.16.\u003c/p\u003e\u003cbr/\u003e"
            }
          ],
          "value": "An authenticated user with access to a kvv2 path through a policy containing a glob may be able to delete secrets they were not authorized to read or write, resulting in denial-of-service. This vulnerability did not allow a malicious user to delete secrets across namespaces, nor read any secret data. Fxed in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0, 1.21.5, 1.20.10, and 1.19.16."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-126",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-126: Path Traversal"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-288",
              "description": "CWE-288: Authentication Bypass Using an Alternate Path or Channel",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-17T17:57:55.431Z",
        "orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
        "shortName": "HashiCorp"
      },
      "references": [
        {
          "url": "https://discuss.hashicorp.com/t/hcsec-2026-05-vault-kvv2-metadata-and-secret-deletion-policy-bypass-denial-of-service/77342"
        }
      ],
      "source": {
        "advisory": "HCSEC-2026-05",
        "discovery": "EXTERNAL"
      },
      "title": "Vault KVv2 Metadata and Secret Deletion Policy Bypass Denial-of-Service"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
    "assignerShortName": "HashiCorp",
    "cveId": "CVE-2026-3605",
    "datePublished": "2026-04-17T02:44:42.032Z",
    "dateReserved": "2026-03-05T16:37:23.520Z",
    "dateUpdated": "2026-04-17T17:57:55.431Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-40264 (GCVE-0-2026-40264)

Vulnerability from cvelistv5 – Published: 2026-04-21 00:47 – Updated: 2026-04-21 19:30

Title

OpenBao's Token Store Allows Cross-Namespace Renewal, Revocation

Summary

OpenBao is an open source identity-based secrets management system. OpenBao's namespaces provide multi-tenant separation. Prior to version 2.5.3, a tenant who leaks token accessors can have their token revoked or renewed by a privileged administrator in another tenant. This is addressed in v2.5.3.

Severity ?

2 (Low)


                        
                          CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

CWE

CWE-1259 - Improper Restriction of Security Token Assignment

Assigner

GitHub_M

References

URL

Tags

https://github.com/openbao/openbao/security/advis…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	openbao	openbao	Affected: < 2.5.3

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-40264",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-21T19:30:42.448978Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-21T19:30:51.975Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "openbao",
          "vendor": "openbao",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.5.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenBao is an open source identity-based secrets management system. OpenBao\u0027s namespaces provide multi-tenant separation. Prior to version 2.5.3, a tenant who leaks token accessors can have their token revoked or renewed by a privileged administrator in another tenant. This is addressed in v2.5.3."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 2,
            "baseSeverity": "LOW",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "PASSIVE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1259",
              "description": "CWE-1259: Improper Restriction of Security Token Assignment",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-21T00:47:38.156Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/openbao/openbao/security/advisories/GHSA-p49j-v9wc-wg57",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/openbao/openbao/security/advisories/GHSA-p49j-v9wc-wg57"
        }
      ],
      "source": {
        "advisory": "GHSA-p49j-v9wc-wg57",
        "discovery": "UNKNOWN"
      },
      "title": "OpenBao\u0027s Token Store Allows Cross-Namespace Renewal, Revocation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-40264",
    "datePublished": "2026-04-21T00:47:38.156Z",
    "dateReserved": "2026-04-10T17:31:45.787Z",
    "dateUpdated": "2026-04-21T19:30:51.975Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-39396 (GCVE-0-2026-39396)

Vulnerability from cvelistv5 – Published: 2026-04-21 00:44 – Updated: 2026-04-21 19:49

Title

OpenBao has Decompression Bomb via Unbounded Copy in OCI Plugin Extraction (DoS)

Summary

OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, `ExtractPluginFromImage()` in OpenBao's OCI plugin downloader extracts a plugin binary from a container image by streaming decompressed tar data via `io.Copy` with no upper bound on the number of bytes written. An attacker who controls or compromises the OCI registry referenced in the victim's configuration can serve a crafted image containing a decompression bomb that decompresses to an arbitrarily large file. The SHA256 integrity check occurs after the full file is written to disk, meaning the hash mismatch is detected only after the damage (disk exhaustion) has already occurred. This allow the attacker to replace **legit plugin image** with no need to change its signature. Version 2.5.3 contains a patch.

Severity ?

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

CWE

CWE-400 - Uncontrolled Resource Consumption
CWE-674 - Uncontrolled Recursion
CWE-770 - Allocation of Resources Without Limits or Throttling

Assigner

GitHub_M

References

URL

Tags

https://github.com/openbao/openbao/security/advis…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	openbao	openbao	Affected: < 2.5.3

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-39396",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-21T15:57:04.802504Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-21T19:49:18.821Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/openbao/openbao/security/advisories/GHSA-r65v-xgwc-g56j"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "openbao",
          "vendor": "openbao",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.5.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, `ExtractPluginFromImage()` in OpenBao\u0027s OCI plugin downloader extracts a plugin binary from a container image by streaming decompressed tar data via `io.Copy` with no upper bound on the number of bytes written. An attacker who controls or compromises the OCI registry referenced in the victim\u0027s configuration can serve a crafted image containing a decompression bomb that decompresses to an arbitrarily large file. The SHA256 integrity check occurs after the full file is written to disk, meaning the hash mismatch is detected only after the damage (disk exhaustion) has already occurred. This allow the attacker to replace **legit plugin image** with no need to change its signature. Version 2.5.3 contains a patch."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-674",
              "description": "CWE-674: Uncontrolled Recursion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-21T00:44:53.943Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/openbao/openbao/security/advisories/GHSA-r65v-xgwc-g56j",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/openbao/openbao/security/advisories/GHSA-r65v-xgwc-g56j"
        }
      ],
      "source": {
        "advisory": "GHSA-r65v-xgwc-g56j",
        "discovery": "UNKNOWN"
      },
      "title": "OpenBao has Decompression Bomb via Unbounded Copy in OCI Plugin Extraction (DoS)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-39396",
    "datePublished": "2026-04-21T00:44:53.943Z",
    "dateReserved": "2026-04-06T22:06:40.516Z",
    "dateUpdated": "2026-04-21T19:49:18.821Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.