Shodan
Vulnerabilities
Vulnerable Software
Hashicorp:  >> Vault  >> 1.17.8  Security Vulnerabilities
CVE-2025-4166
Vault Community and Vault Enterprise Key/Value (kv) Version 2 plugin may unintentionally expose sensitive information in server and audit logs when users submit malformed payloads during secret creation or update operations via the Vault REST API. This vulnerability, identified as CVE-2025-4166, is fixed in Vault Community 1.19.3 and Vault Enterprise 1.19.3, 1.18.9, 1.17.16, 1.16.20.
CVSS Score
4.5
EPSS Score
0.0
Published
2025-05-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved