CVSS: 3.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-4656 – Vault Vulnerable to Recovery Key Cancellation Denial of Service
https://notcve.org/view.php?id=CVE-2025-4656
25 Jun 2025 — Vault Community and Vault Enterprise rekey and recovery key operations can lead to a denial of service due to uncontrolled cancellation by a Vault operator. This vulnerability (CVE-2025-4656) has been remediated in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11, 1.17.17, and 1.16.22. These are all security issues fixed in the openbao-2.3.1-1.1 package on the GA media of openSUSE Tumbleweed. • https://discuss.hashicorp.com/t/hcsec-2025-11-vault-vulnerable-to-recovery-key-cancellation-denial-of-service/75570 • CWE-1088: Synchronous Access of Remote Resource without Timeout •
CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-4922 – Nomad Vulnerable To Incorrect ACL Policy Lookup Attached To A Job
https://notcve.org/view.php?id=CVE-2025-4922
11 Jun 2025 — Nomad Community and Nomad Enterprise (“Nomad”) prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterprise 1.10.2, 1.9.10, and 1.8.14. • https://discuss.hashicorp.com/t/hcsec-2025-12-nomad-vulnerable-to-incorrect-acl-policy-lookup-attached-to-a-job/75396 • CWE-266: Incorrect Privilege Assignment •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-3744 – Nomad Vulnerable To Violation Of Mandatory Sentinel Policies in Nomad Job Submissions via Policy Override
https://notcve.org/view.php?id=CVE-2025-3744
13 May 2025 — Nomad Enterprise (“Nomad”) jobs using the policy override option are bypassing the mandatory sentinel policies. This vulnerability, identified as CVE-2025-3744, is fixed in Nomad Enterprise 1.10.1, 1.9.9, and 1.8.13. • https://discuss.hashicorp.com/t/hcsec-2025-08-nomad-enterprise-vulnerable-to-violation-of-mandatory-sentinel-policies-in-job-submissions-via-policy-override/74935 • CWE-266: Incorrect Privilege Assignment •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-3879 – Vault’s Azure Authentication Method bound_location Restriction Could be Bypassed on Login
https://notcve.org/view.php?id=CVE-2025-3879
02 May 2025 — Vault Community, Vault Enterprise (“Vault”) Azure Auth method did not correctly validate the claims in the Azure-issued token, resulting in the potential bypass of the bound_locations parameter on login. Fixed in Vault Community Edition 1.19.1 and Vault Enterprise 1.19.1, 1.18.7, 1.17.14, 1.16.18. These are all security issues fixed in the govulncheck-vulndb-0.0.20250506T153719-1.1 package on the GA media of openSUSE Tumbleweed. • https://discuss.hashicorp.com/t/hcsec-2025-07-vault-s-azure-authentication-method-bound-location-restriction-could-be-bypassed-on-login/74716 • CWE-863: Incorrect Authorization •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-4166 – Vault May Include Sensitive Data in Error Logs When Using the KV v2 Plugin
https://notcve.org/view.php?id=CVE-2025-4166
02 May 2025 — Vault Community and Vault Enterprise Key/Value (kv) Version 2 plugin may unintentionally expose sensitive information in server and audit logs when users submit malformed payloads during secret creation or update operations via the Vault REST API. This vulnerability, identified as CVE-2025-4166, is fixed in Vault Community 1.19.3 and Vault Enterprise 1.19.3, 1.18.9, 1.17.16, 1.16.20. These are all security issues fixed in the govulncheck-vulndb-0.0.20250506T153719-1.1 package on the GA media of openSUSE Tum... • https://discuss.hashicorp.com/t/hcsec-2025-09-vault-may-expose-sensitive-information-in-error-logs-when-processing-malformed-data-with-the-kv-v2-plugin • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-1296 – Nomad Exposes Sensitive Workload Identity and Client Secret Token in Audit Logs
https://notcve.org/view.php?id=CVE-2025-1296
28 Feb 2025 — Nomad Community and Nomad Enterprise (“Nomad”) are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This vulnerability, identified as CVE-2025-1296, is fixed in Nomad Community Edition 1.9.7 and Nomad Enterprise 1.9.7, 1.8.11, and 1.7.19. These are all security issues fixed in the govulncheck-vulndb-0.0.20250313T170021-1.1 package on the GA media of openSUSE Tumbleweed. • https://discuss.hashicorp.com/t/hcsec-2025-04-nomad-exposes-sensitive-workload-identity-and-client-secret-token-in-audit-logs/73737 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1293 – HashiCorp Hermes Improperly Validates AWS ALB JWTs, which May Lead to Authentication Bypass
https://notcve.org/view.php?id=CVE-2025-1293
20 Feb 2025 — Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for authentication bypass. This vulnerability, CVE-2025-1293, was fixed in Hermes 0.5.0. • https://discuss.hashicorp.com/t/hcsec-2025-03-hashicorp-hermes-improperly-validates-aws-alb-jwts-which-may-lead-to-authentication-bypass/73371 • CWE-1390: Weak Authentication •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-0937 – Nomad Vulnerable To Event Stream Namespace ACL Policy Bypass Through Wildcard Namespace
https://notcve.org/view.php?id=CVE-2025-0937
12 Feb 2025 — Nomad Community and Nomad Enterprise ("Nomad") event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces. • https://discuss.hashicorp.com/t/hcsec-2025-02-nomad-vulnerable-to-event-stream-namespace-acl-policy-bypass-through-wildcard-namespace/73191 • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0377 – HashiCorp go-slug Vulnerable to Zip Slip Attack
https://notcve.org/view.php?id=CVE-2025-0377
21 Jan 2025 — HashiCorp’s go-slug library is vulnerable to a zip-slip style attack when a non-existing user-provided path is extracted from the tar entry. This update for govulncheck-vulndb fixes the following issues. • https://discuss.hashicorp.com/t/hcsec-2025-01-hashicorp-go-slug-vulnerable-to-zip-slip-attack • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-12678 – Nomad Allocations Vulnerable To Privilege Escalation Within A Namespace Using Unredacted Workload Identity Tokens
https://notcve.org/view.php?id=CVE-2024-12678
20 Dec 2024 — Nomad Community and Nomad Enterprise ("Nomad") allocations are vulnerable to privilege escalation within a namespace through unredacted workload identity tokens. This vulnerability, identified as CVE-2024-12678, is fixed in Nomad Community Edition 1.9.4 and Nomad Enterprise 1.9.4, 1.8.8, and 1.7.16. These are all security issues fixed in the govulncheck-vulndb-0.0.20241220T214820-1.1 package on the GA media of openSUSE Tumbleweed. • https://discuss.hashicorp.com/t/hcsec-2024-29-nomad-allocations-vulnerable-to-privilege-escalation-within-a-namespace-using-unredacted-workload-identity-token/72119 • CWE-266: Incorrect Privilege Assignment •