#VU126409 Information disclosure in Vault and Vault Enterprise - CVE-2026-4525

 

Published: April 17, 2026


Vulnerability identifier: #VU126409
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-4525
CWE-ID: CWE-200
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software:
Vault
Vault Enterprise
Software vendor:
HashiCorp

Description

The vulnerability allows a remote authenticated user (PR:L in the vector above) to obtain sensitive information.

The vulnerability exists due to improper sanitization of request headers in the auth plugin request processing logic: when an auth mount is tuned to pass the "Authorization" header through to its plugin backend, the header is forwarded to the backend without being sanitized. A remote user who sends a request authenticated via the "Authorization" header to such a mount can thereby cause sensitive information to be disclosed.

Exploitation requires an auth mount that is configured, via the mount's passthrough request headers setting, to pass the "Authorization" header through to its plugin; the issue is not reachable on deployments with no such mount, so checking that setting on every auth mount is the quickest way to establish exposure.
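The following exposure check is an example added for this page and is not HashiCorp's code. It assumes the JSON shape returned by `vault auth list -detailed -format=json` (equivalently `GET /v1/sys/auth`): a map of mount path to mount info whose "config" object carries a "passthrough_request_headers" list only when that tune option has been set on the mount. The sample auth list embedded in the script is constructed.

```python
"""Flag Vault auth mounts tuned to pass the "Authorization" header through to
their plugin backend, the precondition for reaching CVE-2026-4525.

Added exposure check written for this advisory page, not HashiCorp code.
Assumes the JSON shape of `vault auth list -detailed -format=json`
(equivalently GET /v1/sys/auth): mount path -> mount info, where "config"
carries "passthrough_request_headers" only when the option was tuned."""
import json
import sys
from typing import Optional

# Constructed sample in the shape of `vault auth list -detailed -format=json`.
# Only the jwt/ mount passes Authorization through; oidc/ passes another header.
SAMPLE_AUTH_LIST = {
    "token/": {
        "type": "token",
        "config": {"default_lease_ttl": 0, "max_lease_ttl": 0,
                   "token_type": "default-service"},
    },
    "jwt/": {
        "type": "jwt",
        "config": {"default_lease_ttl": 0, "max_lease_ttl": 0,
                   "passthrough_request_headers": ["Authorization", "X-Request-Id"],
                   "token_type": "default-service"},
    },
    "oidc/": {
        "type": "oidc",
        "config": {"default_lease_ttl": 0, "max_lease_ttl": 0,
                   "passthrough_request_headers": ["x-forwarded-for"],
                   "token_type": "default-service"},
    },
}


def passthrough_headers(mount: dict) -> list:
    """Return the passthrough_request_headers list of one mount entry, or []
    when the mount has no config or the option was never tuned (the key is
    then absent from the listing)."""
    config = mount.get("config") or {}
    return list(config.get("passthrough_request_headers") or [])


def find_authorization_passthrough(auth_list: dict) -> list:
    """Return the sorted paths of auth mounts that forward the Authorization
    header to their backend. HTTP header names are case-insensitive, so the
    comparison is case-insensitive as well."""
    exposed = []
    for path, mount in auth_list.items():
        if any(h.lower() == "authorization" for h in passthrough_headers(mount)):
            exposed.append(path)
    return sorted(exposed)


def load_auth_list(source: Optional[str]) -> dict:
    """Load the auth list from a file, from stdin ("-"), or fall back to the
    constructed sample when no source is given."""
    if source is None:
        return SAMPLE_AUTH_LIST
    if source == "-":
        return json.load(sys.stdin)
    with open(source, encoding="utf-8") as fh:
        return json.load(fh)


if __name__ == "__main__":
    mounts = load_auth_list(sys.argv[1] if len(sys.argv) > 1 else None)
    hits = find_authorization_passthrough(mounts)
    for path in hits:
        print(f"auth mount {path} passes the Authorization header through to its backend")
    if not hits:
        print("no auth mount passes the Authorization header through")
    # Non-zero exit when exposed, so the check can gate a deployment pipeline.
    sys.exit(1 if hits else 0)
```

Run it against a live cluster with `vault auth list -detailed -format=json | python3 check_passthrough.py -` (the script name is arbitrary); the same field can be read per mount with `vault read sys/auth/<path>/tune`. A hit means the mount meets the precondition described above; it does not replace installing the vendor update.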


Remediation

Install the security update from the vendor's website.

External links