FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Vaultwarden -- Multiple vulnerabilities

Affected packages
vaultwarden < 1.35.5

Details

VuXML ID 57f31f61-36a1-11f1-9839-8447094a420f
Discovery 2026-04-12
Entry 2026-04-12

The Vaultwarden project reports:

GHSA-937x-3j8m-7w7p Unconfirmed Owner Can Purge Entire Organization Vault.

GHSA-569v-845w-g82p Cross-Org Group Binding Enables Unauthorized Read And Write Access Into Another Organization

GHSA-6j4w-g4jh-xjfx Refresh tokens not invalidated on security stamp rotation

[source]

References

URL https://github.com/dani-garcia/vaultwarden/releases/tag/1.35.5

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.