CVE security advisories and vulnerability history for vault by hashicorp.
72
Total CVEs
Published
0
In CISA KEV
Exploited in the wild
3
Public exploits
With known exploit
6.1
Avg CVSS
2018–2026
Last updated
Overview
hashicorp vault has 72 published CVE records since 2018, of which 0 are in CISA's Known Exploited Vulnerabilities catalog and 3 have a known public exploit. The average CVSS base score across scored CVEs is 6.1.
This page aggregates every publicly disclosed vulnerability (CVE) affecting hashicorp vault, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list. Affected platforms include 32 bit, 64 bit, ARM, Linux, MacOS, Windows.
Severity and exploitation
How the CVSS severity of hashicorp vault's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.
Critical2
High14
Medium23
Low5
28 additional CVEs have no CVSS severity score.
In CISA’s Known Exploited Vulnerabilities catalog
0
None of hashicorp vault's CVEs are currently listed in CISA's KEV catalog.
Public exploits
3
3 of hashicorp vault's CVEs have a known public exploit available.
Affected versions and CVEs
Browse every hashicorp vault version named in a CVE, then pick one to see only the CVEs that affect it.
Common questions about hashicorp vault vulnerabilities.
How many CVEs does hashicorp vault have?
hashicorp vault has 72 published CVE records since 2018.
How many hashicorp vault CVEs are in CISA KEV?
None of hashicorp vault's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.
Are there public exploits for hashicorp vault vulnerabilities?
Yes — 3 of hashicorp vault's CVEs have a known public exploit.
Which versions of hashicorp vault are affected?
604 distinct hashicorp vault versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.
What are the most common weakness types in hashicorp vault CVEs?
hashicorp vault's CVEs most often map to these CWE weakness types: CWE-266 (Incorrect Privilege Assignment), CWE-770 (Allocation of Resources Without Limits or Throttling), CWE-295 (Improper Certificate Validation), CWE-532 (Insertion of Sensitive Information into Log File).
How many critical hashicorp vault vulnerabilities are there?
hashicorp vault has 2 critical and 14 high-severity CVEs.
What is the average severity of hashicorp vault CVEs?
The average CVSS base score across hashicorp vault's scored CVEs is 6.1.
