Odf4 Cephcsi-Rhel8 vulnerabilities
4 known vulnerabilities affecting odf4/cephcsi-rhel8.
Total CVEs: 4
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 3, MEDIUM 1
Vulnerabilities
CVE-2026-5807 | HIGH | CVSS 7.5 | 2026-04-17
CVE-2026-5807 [HIGH] CWE-770 Vault: Vault: Denial of Service via unauthenticated root token generation or rekey operations
A flaw was found in Vault. An unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations. This action occupies the single slot designated for in-progress operations, effectively preventing legitimate operators from completing critical admin
redhat
CVE-2026-4525 | HIGH | CVSS 7.5 | 2026-04-17
CVE-2026-4525 [HIGH] CWE-201 Vault: Vault: Information disclosure of authentication tokens via incorrect header handling
A flaw was found in Vault. When a Vault authentication mount is configured to pass through the "Authorization" header, and this header is used for authentication, Vault incorrectly forwards the sensitive Vault token to the authentication plugin backend. This can lead to the disclosure
redhat
CVE-2026-3605 | HIGH | CVSS 8.1 | 2026-04-17
CVE-2026-3605 [HIGH] CWE-639 Vault: Vault: Denial of Service due to unauthorized secret deletion via policy bypass
A flaw was found in Vault. An authenticated user with access to a kvv2 path through a policy containing a glob may be able to delete secrets they were not authorized to read or write. This vulnerability can lead to a denial-of-service by allowing the deletion of critical data. It does not permit a
redhat
CVE-2026-5052 | MEDIUM | CVSS 5.3 | 2026-04-17
CVE-2026-5052 [MEDIUM] CWE-918 Vault: Vault: Information disclosure via Server-Side Request Forgery in ACME challenge validation
A flaw was found in Vault’s PKI engine. The ACME (Automated Certificate Management Environment) validation process did not properly restrict requests to local network targets when handling http-01 and tls-alpn-01 challenges. This vulnerability, known as Server-Side Reques
redhat