CVE-2026-5051

MEDIUM

Audit Log Plugin Directory Guard Bypass via Legacy path Option

Title source: cna
STIX 2.1

Description

HashiCorp Vault and Vault Enterprise prior to 2.0.1 audit device validation logic did not consistently apply plugin directory protections when the legacy file audit path option was used. This vulnerability (CVE-2026-5051) is fixed in 2.0.1, 1.21.6, 1.20.11, and 1.19.17.

Scores

CVSS v3 4.4
EPSS 0.0028
EPSS Percentile 19.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-22
Status published
Products (2)
HashiCorp/Vault 1.20.1 - 2.0.1
HashiCorp/Vault Enterprise 1.19.0 - 2.0.1
Published Jul 01, 2026
Tracked Since Jul 01, 2026