openbao
Security Productsoss-project
Top products
Latest CVEs
The 8 most recently published vulnerabilities affecting openbao.
- CVE-2026-42186OpenBao's Namespace Deletion May Not Delete Data Properly7.5
- CVE-2026-40264OpenBao's Token Store Allows Cross-Namespace Renewal, Revocation2.7
- CVE-2026-39396OpenBao has Decompression Bomb via Unbounded Copy in OCI Plugin Extraction (DoS)3.1
- CVE-2026-39388OpenBao's Certificate Authentication Allows Token Renewal With Different Certificate3.1
- CVE-2026-39946OpenBao allows SQL Injection in PostgreSQL database secrets engine4.9
- CVE-2026-33758OpenBao has Reflected XSS in its OIDC authentication error message6.1
- CVE-2026-33757OpenBao lacks user confirmation for OIDC direct callback mode9.6
- CVE-2025-4166Vault May Include Sensitive Data in Error Logs When Using the KV v2 Plugin4.5