CVE-2026-43911 - Vaultwarden: Refresh tokens not invalidated on security stamp rotation
CVE ID :CVE-2026-43911 Published : May 11, 2026, 11:20 p.m. | 1 hour, 45 minutes ago Description :Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, refresh tokens are not invalidated when the user's security_stamp is rotated by some security-sensitive operations (p
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] How to verify AI-discovered vulnerabilities aren't just training data echoes
- [CYBER] Shlomo Kramer backs $26m AI cyber venture fund
- [CYBER] CVE-2026-8349 - omec-project amf NGAP Message memory corruption
- [CYBER] CVE-2026-8346 - D-Link DIR-816 portForward command injection
- [CYBER] Index Ventures backs cyber startup Frame in $50m round
- [CYBER] Google Detects First AI-Generated Zero-Day Exploit