CVE-2026-33420 | dani-garcia vaultwarden up to 1.35.4 details has_full_access authorization

A vulnerability, which was classified as problematic, has been found in dani-garcia vaultwarden up to 1.35.4. Affected by this vulnerability is the function has_full_access of the file /api/organizations/{org_id}/collections/details. The manipulation leads to missing authorization.

This vulnerability is traded as CVE-2026-33420. It is possible to initiate the attack remotely. There is no exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More