SB2026042157 - Fedora 42 update for openbao

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2026042157

SB2026042157 - Fedora 42 update for openbao

Published: April 21, 2026

Security Bulletin ID SB2026042157
Severity
High
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 50% Medium 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) Missing Authentication for Critical Function (CVE-ID: CVE-2026-33757)

The vulnerability allows a remote attacker to obtain an OpenBao token associated with the attacker's session by tricking a victim into completing a login flow.

The vulnerability exists due to improper authentication flow control in the JWT/OIDC direct callback mode when handling authentication requests for roles configured with callback_mode set to direct. A remote attacker can start an authentication request and have the victim visit a crafted URL to obtain an OpenBao token associated with the attacker's session by tricking a victim into completing a login flow.

User interaction is required to visit the URL and complete the login flow.


2) Cross-site scripting (CVE-ID: CVE-2026-33758)

The vulnerability allows a remote attacker to disclose sensitive information.

The vulnerability exists due to cross-site scripting in the OIDC authentication error message page when handling the error_description parameter for a failed authentication. A remote attacker can supply a crafted error_description parameter to disclose sensitive information.

Only installations with an OIDC/JWT authentication method enabled and a role configured with callback_mode=direct are vulnerable. User interaction is required.


Remediation

Install update from vendor's website.

References