CVE-2026-27803
Severity: HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
Description
Vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. Prior to version 1.35.4, when a Manager has manage=false for a given collection, they can still perform several management operations as long as they have access to the collection. This issue has been patched in version 1.35.4.
Analysis
Vaultwarden versions prior to 1.35.4 fail to properly enforce collection management permissions, allowing authenticated users with Manager roles to perform restricted management operations on collections where they lack authorization. An attacker with valid credentials can exploit this privilege escalation to modify or control collections they should not have access to. …
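The authorization flaw described above is a permission check that treats "can access the collection" as sufficient for management. The following is an added illustration, not Vaultwarden's code: a hypothetical per-collection access model in Rust showing the vulnerable check pattern beside a hardened one that requires the explicit manage flag. All type and function names (Role, CollectionAccess, Member, can_manage_vulnerable, can_manage_fixed) are assumptions made for this example.

```rust
use std::collections::HashMap;

// Added example, not Vaultwarden's code. Hypothetical organization roles.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Role {
    Owner,
    Admin,
    Manager,
    User,
}

// Hypothetical per-collection grant: read-only access and an explicit
// "can manage" flag, mirroring the manage=false case in the advisory.
#[derive(Debug, Clone, Copy)]
pub struct CollectionAccess {
    pub read_only: bool,
    pub manage: bool,
}

// Hypothetical organization member with their collection grants.
pub struct Member {
    pub role: Role,
    pub collections: HashMap<u32, CollectionAccess>, // keyed by collection id
}

pub fn has_access(m: &Member, cid: u32) -> bool {
    m.collections.contains_key(&cid)
}

// Vulnerable pattern (the class of bug described in the advisory): a Manager
// may manage any collection they can access; the manage flag is never read.
pub fn can_manage_vulnerable(m: &Member, cid: u32) -> bool {
    match m.role {
        Role::Owner | Role::Admin => true,
        Role::Manager => has_access(m, cid),
        Role::User => false,
    }
}

// Hardened check: org-wide roles keep their rights, but a Manager may only
// manage a collection whose grant explicitly carries manage=true.
pub fn can_manage_fixed(m: &Member, cid: u32) -> bool {
    match m.role {
        Role::Owner | Role::Admin => true,
        Role::Manager => m
            .collections
            .get(&cid)
            .map_or(false, |a| a.manage && !a.read_only),
        Role::User => false,
    }
}

// Constructed sample: a Manager with access to collection 1 (manage=false)
// and collection 2 (manage=true), and no grant at all for collection 3.
pub fn sample_manager() -> Member {
    let mut collections = HashMap::new();
    collections.insert(1, CollectionAccess { read_only: false, manage: false });
    collections.insert(2, CollectionAccess { read_only: false, manage: true });
    Member { role: Role::Manager, collections }
}

fn main() {
    let m = sample_manager();
    for cid in [1u32, 2, 3] {
        println!(
            "collection {}: vulnerable={} fixed={}",
            cid,
            can_manage_vulnerable(&m, cid),
            can_manage_fixed(&m, cid)
        );
    }
}
```

Collection 1 is the interesting case: the vulnerable check grants management purely because the member can see the collection, while the hardened check refuses because manage is false. A regression test that asserts on exactly that case is the kind of check a deployment can keep around to detect the pattern returning.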
Remediation
Within 24 hours: Identify all Vaultwarden deployments and document current versions; review audit logs for unauthorized manager activity on collections with manage=false permissions. Within 7 days: Implement network segmentation to restrict Vaultwarden access to essential users only; enforce multi-factor authentication for all manager accounts. …
External POC / Exploit Code
GHSA-h4hq-rgvh-wh27