What is CVE-2026-4525?

CVE-2026-4525 is a high-severity vulnerability in Hashicorp Vault, classified under Insertion of Sensitive Information into Sent Data. CVSS score: 7.5/10. Published 2026-04-17.

How severe is CVE-2026-4525?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Hashicorp Vault

CVE-2026-4525

If a Vault auth mount is configured to pass through the "Authorization" header, and the "Authorization" header is used to authenticate to Vault, Vault forwarded the Vault token to the auth plugin backend. Fixed in 2.0.0, 1.21.5, 1.20.10, a…

EPSS: 0.000 (7.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Hashicorp Vault — versions 0.11.2
Hashicorp Vault Enterprise — versions 0.11.2

Weakness classification (CWE)

CWE-201 — Insertion of Sensitive Information into Sent Data

References

discuss.hashicorp.com/t/hcsec-2026-07-vault-may-expose-tokens-to-auth-plugins-d…

Frequently asked questions

What is CVE-2026-4525?: CVE-2026-4525 is a high-severity vulnerability in Hashicorp Vault, classified under Insertion of Sensitive Information into Sent Data. CVSS score: 7.5/10. Published 2026-04-17.
How severe is CVE-2026-4525?: High severity. CVSS v3 base score is 7.5 out of 10.