cbcvebase.
CVE-2026-27898
published 2026-03-04

CVE-2026-27898: Vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. Prior to version 1.35.4, an authenticated regular…

PriorityP431medium5.4CVSS 3.1
AVNACLPRLUINSUCLILAN
EPSS
0.17%
6.3th percentile
Vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. Prior to version 1.35.4, an authenticated regular user can specify another user’s cipher_id and call "PUT /api/ciphers/{id}/partial" Even though the standard retrieval API correctly denies access to that cipher, the partial update endpoint returns 200 OK and exposes cipherDetails (including name, notes, data, secureNote, etc.). This issue has been patched in version 1.35.4.

Affected

2 ranges
VendorProductVersion rangeFixed in
dani-garciavaultwarden< 1.35.41.35.4
dani-garciavaultwarden>= 0 < 1.35.41.35.4

CVSS provenance

nvdv3.15.4MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
vendor_redhat5.4MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.