Zero Day Monitor (ZDM)
Zero Day Monitor © 2026
CVE-2026-5052 · CVSS 5.3 · PATCHED
Vendor / product: HashiCorp / Vault

Vault Vulnerable to Server-Side Request Forgery in ACME Challenge Validation via Attacker-Controlled DNS

Description

Vault's PKI secrets engine can act as an ACME server. When it validated http-01 and tls-alpn-01 challenges it connected to whatever address the requested name resolved to and did not reject local targets. An ACME client that controls the DNS for a name it requests can therefore point that name at a local or internal network address and have Vault send the validation request there, a server-side request forgery (CWE-918) that may disclose information about services reachable from the Vault server. Fixed in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0, 1.21.5, 1.20.10, and 1.19.16.
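The check an ACME validator needs before it dials an http-01 or tls-alpn-01 target, written here as an added example in Go. It is not Vault's code and not the fix HashiCorp shipped: the function names (isDisallowedIP, vetTarget, newValidationClient), the extra blocked ranges and the DNS answer table are this example's own assumptions, and the resolver is injected so the whole thing runs offline against constructed records. The point it adds beyond the advisory text is that the validator must vet the resolved address and then dial that exact IP, because resolving a second time at connect is the window a DNS-rebinding attacker uses.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"net"
	"net/http"
	"time"
)

// ErrDisallowedTarget is returned when a challenge identifier resolves to an
// address an ACME validator must never contact.
var ErrDisallowedTarget = errors.New("acme: identifier resolves to a disallowed address")

// Extra ranges net.IP's own predicates do not cover (this example's choice,
// not a Vault setting): "this" network, CGNAT shared space, reserved.
var extraDisallowed = func() []*net.IPNet {
	var nets []*net.IPNet
	for _, c := range []string{"0.0.0.0/8", "100.64.0.0/10", "240.0.0.0/4"} {
		_, n, err := net.ParseCIDR(c)
		if err != nil {
			panic(err)
		}
		nets = append(nets, n)
	}
	return nets
}()

// isDisallowedIP reports whether ip is loopback, private (RFC 1918/4193),
// link-local (which covers 169.254.169.254 cloud metadata), multicast,
// unspecified, or in extraDisallowed. IPv4-mapped IPv6 (::ffff:10.0.0.1)
// is normalised to IPv4 first so it cannot slip past the IPv4 checks.
func isDisallowedIP(ip net.IP) bool {
	if ip4 := ip.To4(); ip4 != nil {
		ip = ip4
	}
	if ip.IsLoopback() || ip.IsPrivate() || ip.IsLinkLocalUnicast() ||
		ip.IsLinkLocalMulticast() || ip.IsInterfaceLocalMulticast() ||
		ip.IsMulticast() || ip.IsUnspecified() {
		return true
	}
	for _, n := range extraDisallowed {
		if n.Contains(ip) {
			return true
		}
	}
	return false
}

// resolver is injected so the policy can be exercised without real DNS.
type resolver func(ctx context.Context, host string) ([]net.IP, error)

// vetTarget resolves host and returns the one address to dial. If any answer
// is disallowed the whole identifier is rejected: skipping only the bad
// answers would let a mixed record set steer the validator inward on retry.
func vetTarget(ctx context.Context, r resolver, host string) (net.IP, error) {
	ips := []net.IP{}
	if ip := net.ParseIP(host); ip != nil {
		ips = append(ips, ip) // IP literal: vet it the same way, never dial blindly
	} else {
		var err error
		if ips, err = r(ctx, host); err != nil {
			return nil, err
		}
	}
	if len(ips) == 0 {
		return nil, fmt.Errorf("acme: %q resolved to no addresses", host)
	}
	for _, ip := range ips {
		if isDisallowedIP(ip) {
			return nil, fmt.Errorf("%w: %s -> %s", ErrDisallowedTarget, host, ip)
		}
	}
	return ips[0], nil
}

// newValidationClient builds an http.Client for http-01 fetches whose dialer
// resolves once, vets the answer and dials that exact IP; every redirect hop
// re-enters the same dialer, and the chain is capped.
func newValidationClient(r resolver) *http.Client {
	d := &net.Dialer{Timeout: 10 * time.Second}
	return &http.Client{
		Timeout: 15 * time.Second,
		Transport: &http.Transport{
			DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
				host, port, err := net.SplitHostPort(addr)
				if err != nil {
					return nil, err
				}
				ip, err := vetTarget(ctx, r, host)
				if err != nil {
					return nil, err
				}
				return d.DialContext(ctx, network, net.JoinHostPort(ip.String(), port))
			},
		},
		CheckRedirect: func(_ *http.Request, via []*http.Request) error {
			if len(via) >= 5 {
				return errors.New("acme: too many redirects")
			}
			return nil
		},
	}
}

// fakeDNS is a constructed answer table standing in for attacker-controlled
// DNS; none of these names or addresses are real records.
func fakeDNS(_ context.Context, host string) ([]net.IP, error) {
	return map[string][]net.IP{
		"good.example.test":  {net.ParseIP("203.0.113.10")},
		"loop.example.test":  {net.ParseIP("127.0.0.1")},
		"meta.example.test":  {net.ParseIP("169.254.169.254")},
		"mixed.example.test": {net.ParseIP("203.0.113.10"), net.ParseIP("10.0.0.5")},
		"v6map.example.test": {net.ParseIP("::ffff:192.168.1.1")},
	}[host], nil
}

func main() {
	ctx := context.Background()
	for _, h := range []string{"good.example.test", "loop.example.test",
		"meta.example.test", "mixed.example.test", "v6map.example.test"} {
		ip, err := vetTarget(ctx, fakeDNS, h)
		fmt.Printf("%-19s ip=%-13v err=%v\n", h, ip, err)
	}
	_ = newValidationClient(fakeDNS) // wire this client into the challenge fetch
}
```

Only good.example.test yields an address; the loopback, metadata, mixed and IPv4-mapped cases all fail with ErrDisallowedTarget before any connection is attempted. A tls-alpn-01 validator would use the same vetTarget inside its TLS dialer.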

Affected Products

Vendor: hashi · Product: vault · Versions: 1.15.0

References

  • https://discuss.hashicorp.com/t/hcsec-2026-06-vault-vulnerable-to-server-side-request-forgery-in-acme-challenge-validation-via-attacker-controlled-dns/77343

Related News (2 articles)

  • Tier B · BSI Advisories · 9h ago: [NEW] [high] HashiCorp Vault Community Edition and Enterprise: multiple vulnerabilities → No new info (linked only)
  • Tier C · VulDB · 14h ago: CVE-2026-5052 | HashiCorp Vault/Vault Enterprise up to 1.21.0 PKI Engine ACME Validation server-side request forgery → No new info (linked only)
CVSS 3.1: 5.3 MEDIUM
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CISA KEV: No
Actively exploited: No
Patch available: 2.0.0
CWE: CWE-918 (Server-Side Request Forgery)
Published: Apr 17, 2026
Last enriched: 14h ago (v2)
Tags: CVE-2026-5052
Trending score: 43
Source articles: 2 (independent: 2)
Info completeness: 9/14 (missing: epss, kev, exploit, iocs, mitre_attack)


Related CVEs (5)

  • HIGH · CVE-2026-3605 · EXP: Vault KVv2 Metadata and Secret Deletion Policy Bypass Denial-of-Service (trending: 48)
  • HIGH · CVE-2026-4525 · EXP: Vault Token Leaked to Backends via Authorization: Bearer Passthrough Header (trending: 48)
  • HIGH · CVE-2026-5807: Vault Vulnerable to Denial-of-Service via Unauthenticated Root Token Generation/Rekey Operations (trending: 35)
  • PRE-CVE: Vault KVv2 Metadata and Secret Deletion Policy Bypass and Server-Side Request Forgery Vulnerabilities (trending: 20)
  • HIGH · CVE-2026-4660: Go-getter may allow arbitrary filesystem reads through git operations (trending: 9)


Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

  • Apr 17, 2026: CVE published
  • Apr 17, 2026: Discovered by ZDM
  • Apr 17, 2026: Updated severity, tags
  • Apr 17, 2026: Patch available

Version History

  • v2 (Tier C, 14h ago, via VulDB): Updated severity to CRITICAL, marked exploit availability as false, and added CVE-2026-5052 tag. Fields changed: severity, tags.
  • v1 (15h ago): Initial creation.