CVE-2026-5051
MEDIUMAudit Log Plugin Directory Guard Bypass via Legacy path Option
Title source: cnaDescription
HashiCorp Vault and Vault Enterprise prior to 2.0.1 audit device validation logic did not consistently apply plugin directory protections when the legacy file audit path option was used. This vulnerability (CVE-2026-5051) is fixed in 2.0.1, 1.21.6, 1.20.11, and 1.19.17.
References (1)
Core 1
Scores
CVSS v3
4.4
EPSS
0.0028
EPSS Percentile
19.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-22
Status
published
Products (2)
HashiCorp/Vault
1.20.1 - 2.0.1
HashiCorp/Vault Enterprise
1.19.0 - 2.0.1
Published
Jul 01, 2026
Tracked Since
Jul 01, 2026