Hashicorp

189 tracked vulnerabilities.

CVE-2025-13432 MEDIUM
Hashicorp Terraform < 1.0.3 - Incorrect Authorization
Nov 21, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-13357 HIGH
Hashicorp Terraform Provider < 5.5.0 - Authentication Bypass
Nov 21, 2025
CVSS 7.4
EPSS 0.00
CVE-2025-11375 MEDIUM
Consul <1.22.0 - DoS
Oct 28, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-11374 MEDIUM
Consul <1.22.0 - DoS
Oct 28, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-12044 HIGH
Hashicorp Vault < 1.16.27 - Resource Allocation Without Limits
Oct 23, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-11621 HIGH
Hashicorp Vault < 1.16.27 - Authentication Bypass
Oct 23, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-6203 HIGH
Vault <1.20.3 - DoS
Aug 28, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-8959 HIGH
Hashicorp Go-getter < 1.7.9 - Symlink Following
Aug 15, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-6013 MEDIUM
Vault - Privilege Escalation
Aug 06, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-6037 MEDIUM
Vault <1.20.1 - Auth Bypass
Aug 01, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-6015 MEDIUM
Vault <1.20.1 - Auth Bypass
Aug 01, 2025
CVSS 5.7
EPSS 0.00
CVE-2025-6014 MEDIUM
Vault <1.20.1 - Code Injection
Aug 01, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-6011 LOW
Vault <1.20.1 - Info Disclosure
Aug 01, 2025
CVSS 3.7
EPSS 0.00
CVE-2025-6004 MEDIUM
Vault - Auth Bypass
Aug 01, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-6000 CRITICAL
Vault <1.20.1 - Code Injection
Aug 01, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-5999 HIGH
Hashicorp Vault < 1.16.22 - Incorrect Privilege Assignment
Aug 01, 2025
CVSS 7.2
EPSS 0.00
CVE-2025-4656 LOW
Vault - DoS
Jun 25, 2025
CVSS 3.1
EPSS 0.00
CVE-2025-4922 HIGH
Hashicorp Nomad < 1.8.14 - Incorrect Privilege Assignment
Jun 11, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-3744 HIGH
Nomad - Policy Bypass
May 13, 2025
CVSS 7.6
EPSS 0.00
CVE-2025-3879 MEDIUM
Hashicorp Vault < 1.16.18 - Incorrect Authorization
May 02, 2025
CVSS 6.6
EPSS 0.00
CVE-2025-4166 MEDIUM
Hashicorp Vault < 1.16.20 - Error Information Exposure
May 02, 2025
CVSS 4.5
EPSS 0.00
CVE-2025-1296 MEDIUM
Hashicorp Nomad < 1.7.19 - Log Information Exposure
Mar 10, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-1293 HIGH
Hashicorp Hermes < 0.5.0 - Authentication Bypass
Feb 20, 2025
CVSS 8.2
EPSS 0.00
CVE-2025-0937 HIGH
Hashicorp Nomad < 1.7.18 - Incorrect Authorization
Feb 12, 2025
CVSS 7.1
EPSS 0.00
CVE-2025-0377 HIGH
HashiCorp's go-slug - Path Traversal
Jan 21, 2025
CVSS 7.5
EPSS 0.00
Products
vault 68 nomad 36 consul 35 go-getter 9 vagrant_vmware_fusion 7 boundary 5 terraform 5 terraform_enterprise 5 vagrant 4 terraform_provider 2 sentinel 2 go-slug 2 vault_provider_for_secrets_store_csi_driver 1 vault-ssh-helper 1 terraform-provider-aws 1 hermes 1 consul-template 1 vagrant_vmware_utility 1 consul_docker_image 1 vault-action 1 vault-csi-provider 1 vault-plugin-secrets-gcp 1 go-retryablehttp 1 terraform-provider-vault 1 consul_template 1 packer 1 retryablehttp 1
Quick Filters
Critical CVEs With Exploits In CISA KEV