Skip to main content

Vaultwarden CVE-2026-27802

HIGH
Improper Privilege Management (CWE-269)
2026-03-04 security-advisories@github.com GHSA-r32r-j5jq-3w4m
Privilege Escalation Vaultwarden Red Hat
8.3
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
8.3 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
Red Hat
8.1 HIGH
qualitative

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
Low

Lifecycle Timeline

3
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
Analysis Generated
Mar 12, 2026 - 22:05 vuln.today
CVE Published
Mar 04, 2026 - 22:16 nvd
HIGH 8.3

DescriptionGitHub Advisory

Vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. Prior to version 1.35.4, there is a privilege escalation vulnerability via bulk permission update to unauthorized collections by Manager. This issue has been patched in version 1.35.4.

AnalysisAI

Vaultwarden versions before 1.35.4 contain a privilege escalation vulnerability that allows authenticated Manager-level users to modify permissions on collections they should not have access to. An attacker with Manager role can exploit this during bulk permission updates to gain unauthorized access to sensitive collections. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate as Manager user
Exploit
Access bulk permission update endpoint
Execution
Modify collection permissions unauthorized
Impact
Escalate privileges to restricted collections
Sign in to reveal

Vulnerability AssessmentAI

Exploitation Authenticated Manager account required. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment CVSS 8.3 (HIGH). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker without authentication could exploit this vulnerability to compromise the affected system.
Remediation Fixed in version 1.35.4.. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Recommended ActionAI

Within 24 hours: Audit all Manager-role users in Vaultwarden and review recent collection access logs for suspicious activity. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

Share

CVE-2026-27802 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy