Is Hashicorp affected by EUVD-2026-15953?

A HIGH severity vulnerability in n8n workflow automation allows authenticated employees to illegally access sensitive secrets stored in external vaults, potentially exposing API keys, database credentials, and other critical authentication materials.

EUVD-2026-15953

| CVE-2026-33722 HIGH

2026-03-25 GitHub_M

GHSA-fxcw-h3qj-8m8p

7.3

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

Patch Released

Mar 31, 2026 - 21:13 nvd

Patch available

PoC Detected

Mar 27, 2026 - 19:34 vuln.today

Public exploit code

Analysis Generated

Mar 25, 2026 - 18:32 vuln.today

EUVD ID Assigned

Mar 25, 2026 - 18:32 euvd

EUVD-2026-15953

CVE Published

Mar 25, 2026 - 18:09 nvd

HIGH 7.3

Description

n8n is an open source workflow automation platform. Prior to versions 2.6.4 and 1.123.23, an authenticated user without permission to list external secrets could reference a secret by the external name in a credential and retrieve its plaintext value when saving the credential. This bypassed the `externalSecret:list` permission check and allowed access to secrets stored in connected vaults without admin or owner privileges. This issue requires the instance to have an external secrets vault configured. The attacker must know or be able to guess the name of a target secret. The issue has been fixed in n8n versions 1.123.23 and 2.6.4. Users should upgrade to one of these versions or later to remediate the vulnerability. If upgrading is not immediately possible, administrators should consider the following temporary mitigations: Restrict n8n access to fully trusted users only, and/or disable external secrets integration until the patch can be applied. These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures.

Analysis

Authenticated users in n8n versions prior to 1.123.23 and 2.6.4 can bypass external secrets permission checks to retrieve plaintext secret values from configured vaults by referencing secrets by name in credentials, even without list permissions. This allows unauthorized access to sensitive vault-stored credentials without requiring admin or owner privileges, provided the attacker knows or can guess the target secret name. …

Remediation

Within 24 hours: Inventory all n8n deployments and identify instances with external vault configurations; disable external secrets vault integration if business-critical. Within 7 days: Audit access logs for suspicious secret retrieval attempts; reset all credentials accessed through affected n8n instances; engage n8n support for patch timeline. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +36

POC: +20

EUVD-2026-15953 vulnerability details – vuln.today

Back

EUVD-2026-15953

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

EUVD-2026-15953

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code