CNNVD-202602-1813 Information
CNNVD ID
CNNVD-202602-1813
Related CVE
- CNNVD Published: 2026-02-11
Description (Chinese)
Vaultwarden是Daniel García个人开发者的一个用 Rust 编写的 Bitwarden 服务器 API 的替代实现。 vaultwarden 1.35.3之前版本存在安全漏洞,该漏洞源于端点/ciphers/organization-details访问控制不当,可能导致组织成员检索组织内的所有密码。
Description (English)
Vaultwarden is an alternative to the Bitwarden server API, developed by Rust, by Daniel García’s personal developer. There is a security loophole in the pre-varitward version of 1.35.3, which stems from inappropriate access controls at the endpoint/ciphers/organization-details, which may lead members to retrieve all passwords within the organization.
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2026-02-11
Last Modified
2026-02-24
References
https://github.com/dani-garcia/vaultwarden/releases/tag/1.35.3 https://github.com/dani-garcia/vaultwarden/security/advisories/GHSA-h265-g7rm-h337
Patch
https://github.com/dani-garcia/vaultwarden/releases
Share on: