CVE-2026-5052 | HashiCorp Vault/Vault Enterprise up to 1.21.0 PKI Engine ACME Validation server-side request forgery

A vulnerability described as critical has been identified in HashiCorp Vault and Vault Enterprise. This affects an unknown function of the component PKI Engine ACME Validation. Such manipulation leads to server-side request forgery.

This vulnerability is uniquely identified as CVE-2026-5052. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More