Vulnerability in OpenBao
CVE-2026-39388
OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, OpenBao's Certificate authentication method, when a token renewal is requested and `disable_binding=true` is set, attempts to verify the current re…
Vulnerability class: Improper Certificate Validation
EPSS: 0.000 (6.1th percentile)
Affected products
- OpenBao — versions < 2.5.3
Weakness classification (CWE)
References
- https://github.com/openbao/openbao/security/advisories/GHSA-7ccv-rp6m-rffr (x_refsource_CONFIRM)