Description
Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This vulnerability, CVE-2026-5807, is fixed in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0.
Published: 2026-04-17
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Immediate Patch
AI Analysis

Impact

Vault is vulnerable to a denial‑of‑service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in‑progress operation slot. This forces legitimate operators to wait until the operation completes or times out, effectively blocking critical administrative workflows that rely on root access. The underlying weakness is a resource exhaustion flaw (CWE‑770).

Affected Systems

The vulnerability affects all installations of HashiCorp Vault Community Edition and Vault Enterprise that are prior to version 2.0.0. Operators running any earlier release are subject to the denial‑of‑service attack, whereas deployments on 2.0.0 or later contain the fix.

Risk and Exploitability

The CVSS score of 7.5 classifies the flaw as high severity, and the absence of authentication requirements means an attacker only needs network access to the Vault API. The exploitability is straightforward: by repeatedly issuing root token or rekey commands, an unauthenticated attacker can monopolize the single operation slot. Current EPSS data is unavailable and the vulnerability is not listed in the CISA KEV catalog, but the high CVSS score coupled with the lack of safeguards makes it a significant threat to operational availability.

Generated by OpenCVE AI on April 17, 2026 at 05:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to Vault Community Edition 2.0.0 or later, or Vault Enterprise 2.0.0 or later, to apply the vendor‑provided fix.
  • Reconfigure network or firewall rules to restrict unauthenticated access to the Vault API, ensuring that only trusted hosts can communicate with the server.
  • Enable monitoring and alerts on root token and rekey initiation events to detect abnormal activity and intervene before legitimate operators are blocked.

Generated by OpenCVE AI on April 17, 2026 at 05:53 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-88v5-9hxc-f85r HashiCorp Vault Vulnerable to Denial-of-Service via Unauthenticated Root Token Generation/Rekey Operations
History

Sat, 18 Apr 2026 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 threat_severity

Important

Fri, 17 Apr 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 17 Apr 2026 07:15:00 +0000

Type Values Removed Values Added
First Time appeared Hashicorp
Hashicorp vault
Hashicorp vault Enterprise
Vendors & Products Hashicorp
Hashicorp vault
Hashicorp vault Enterprise

Fri, 17 Apr 2026 04:30:00 +0000

Type Values Removed Values Added
Description Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This vulnerability, CVE-2026-5807, is fixed in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0.
Title Vault Vulnerable to Denial-of-Service via Unauthenticated Root Token Generation/Rekey Operations
Weaknesses CWE-770
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

Subscriptions

Hashicorp Vault Vault Enterprise
cve-icon MITRE

Status: PUBLISHED

Assigner: HashiCorp

Published:

Updated: 2026-04-17T17:57:55.504Z

Reserved: 2026-04-08T14:43:57.845Z

Link: CVE-2026-5807

cve-icon Vulnrichment

Updated: 2026-04-17T13:19:04.621Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-17T05:16:19.303

Modified: 2026-04-17T15:08:25.183

Link: CVE-2026-5807

cve-icon Redhat

Severity : Important

Publid Date: 2026-04-17T03:22:13Z

Links: CVE-2026-5807 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-17T07:00:08Z

Weaknesses