CVE-2024-55226

Medium CVSS: 5.4

Vaultwarden v1.32.5 was discovered to contain an authenticated reflected cross-site scripting (XSS) vulnerability via the component /api/core/mod.rs.

Vendor

Product

CWE

Yayın Tarihi

2025-01-09 21:15:29

Güncelleme

2025-06-24 14:01:15

Source Identifier

cve@mitre.org

KEV Date Added

CWE-79 Vaultwarden MEDIUM Dani-garcia 2025

https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.4 https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.5 https://insinuator.net/2024/11/vulnerability-disclosure-authentication-bypass-in-vaultwarden-versions-1-32-5/

High

CVE-2026-27802

Vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. Prior to versi…

High

CVE-2026-27803

Vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. Prior to versi…

Medium

CVE-2026-27898

Vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. Prior to versi…

Medium

CVE-2026-27801

Vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. Vaultwarden ve…

Medium

CVE-2026-26012

vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. Prior to 1.35.…

High

CVE-2025-24364

vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. Attacker with…