CVE-2026-27803

EPSS -
Veröffentlicht 04.03.2026 21:40:33
Zuletzt bearbeitet 04.03.2026 22:16:18
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. Prior to version 1.35.4, when a Manager has manage=false for a given collection, they can still perform several management operations as long as they have access to the collection. This issue has been patched in version 1.35.4.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 3 Referenzen 4

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

Herstellerdani-garcia

≫

Produkt vaultwarden

Version < 1.35.4

Status affected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security-advisories@github.com	8.3	2.8	5.5	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

CWE-285 Improper Authorization

The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

https://github.com/dani-garcia/vaultwarden/security/advisories/GHSA-h4hq-rgvh-wh27

https://nvd.nist.gov/vuln/detail/CVE-2026-27803

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-27803

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-27803

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-27803