CVE-2026-5807
Published 2026-04-17
Priority: P3 47 high · CVSS 3.1 base score 7.5
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.72% (49.2th percentile)
Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This vulnerability, CVE-2026-5807, is fixed in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0.
Affected (11 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | hashicorp_vault | 0 – 1.21.4 | — |
| hashicorp | vault | < 2.0.0 | 2.0.0 |
| hashicorp | vault_enterprise | < 2.0.0 | 2.0.0 |
| ocs4 | cephcsi-rhel8 | — | — |
| odf4 | cephcsi-rhel8 | — | — |
| odf4 | cephcsi-rhel9 | — | — |
| odf4 | mcg-cli-rhel9 | — | — |
| odf4 | mcg-rhel8-operator | — | — |
| odf4 | mcg-rhel9-operator | — | — |
| openshift4 | ose-baremetal-installer-rhel9 | — | — |
| openshift4 | ose-installer-rhel9 | — | — |
CVSS provenance

| Source | Score | Severity | Vector |
|---|---|---|---|
| NVD (v3.1) | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| vendor_redhat | 7.5 | HIGH | — |
Red Hat
vendor_redhat · 2026-04-17 · CVSS 7.5
CVE-2026-5807 [HIGH] CWE-770: Vault: Denial of Service via unauthenticated root token generation or rekey operations
A flaw was found in Vault. An unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations. This action occupies the single slot designated for in-progress operations, effectively preventing legitimate operators from completing critical administrative workflows. This vulnerability leads to a denial-of-service condition, impacting the availability of Vault's key management functions.
Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Package: openshift4/ose-baremet
GHSA
ghsa · 2026-04-17
CVE-2026-5807 [HIGH] CWE-770: HashiCorp Vault Vulnerable to Denial-of-Service via Unauthenticated Root Token Generation/Rekey Operations
Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This vulnerability, CVE-2026-5807, is fixed in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0.
No detection rules found.
No public exploits indexed.
References:
- https://discuss.hashicorp.com/t/hcsec-2026-08-vault-vulnerable-to-denial-of-service-via-unauthenticated-root-token-generation-rekey-operations/77345
- https://access.redhat.com/security/cve/CVE-2026-5807
- https://bugzilla.redhat.com/show_bug.cgi?id=2459109
- https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-5807.json