CVE-2026-4525 | HashiCorp Vault/Vault Enterprise up to 1.21.0 Header Authorization insertion of sensitive information into sent data

A vulnerability, which was classified as problematic, has been found in HashiCorp Vault and Vault Enterprise. Affected by this vulnerability is an unknown functionality of the component Header Handler. The manipulation of the argument Authorization leads to insertion of sensitive information into sent data.

This vulnerability is referenced as CVE-2026-4525. Remote exploitation of the attack is possible. No exploit is available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More