CVE-2026-27802 – IoT OT Security News

Vaultwarden の脆弱性 CVE-2026-27802／27803 が FIX：権限昇格とデータ漏洩の可能性

Vaultwarden Vulnerabilities Enable Privilege Escalation and Data Exposure

2026/03/09 gbhackers — Bitwarden 互換として、Rust 言語で実装された代替ソリューション Vaultwarden に、2件の深刻な脆弱性が発見された。脆弱性 CVE-2026-27803 (CVSS：8.3 High)／CVE-2026-27802 (CVSS：8.3 High) を悪用する攻撃者は、侵害済みの Manager アカウントを介して、認可チェックの回避と権限の昇格を行い、保存済みの機密認証情報を漏洩させる可能性がある。

API (239)
APT (523)
Asia (398)
AuthN AuthZ (796)
BruteForce (67)
BugBounty (76)
CyberAttack (3,295)
DarkWeb (228)
DataBreach (550)
DataLeak (194)
DDoS (164)
DoubleExtortion (15)
Exploit (1,451)
Geopolitics (1)
Literacy (2,368)
LOLbin (58)
MageCartAttack (14)
Malware (1,452)
MCP (16)
MisConfiguration (62)
NHI (10)
Outage (106)
ParadigmShift (181)
Privacy (243)
Protection (649)
RaaS (122)
Ransomware (732)
RAT (781)
Repository (342)
Research (1,210)
Resilience (133)
Scammer (614)
SecTools (237)
SocialEngineering (49)
SupplyChain (425)
TTP (1,001)
Uncategorized (15)
Vulnerability (4,823)
WateringHoleAttack (4)
Zero Trust (382)
_AI/ML (401)
_CDN (4)
_Cloud (368)
_Container (73)
_CryptCcurrency (40)
_Defence (162)
_Education (8)
_Finance (161)
_Government (1,077)
_HealthCare (47)
_Human (51)
_ICS (85)
_IDS/IPS (182)
_Industry (221)
_Infrastructure (129)
_Mobile (162)
_OpenSource (1,395)
_PLC (39)
_Regulation (158)
_Retail (78)
_RTOS (6)
_Space (26)
_Statistics (419)
_Storage (70)
_Telecom (77)
_Transportation (56)