Alerts This Week
Warning Icon 1 840
Alerts This Week
Warning Icon 1 840

Fedora 44 Vaultwarden Critical Security Fix from 2026-e14ea170b6

fedora
Calendar Grey June 11, 2026
Dist Fedora Esm H88
Update to vaultwarden 1.36.0 on Fedora 44 addresses critical security issues and vulnerabilities. Stay secure!
update to 1.36.0

Summary

Unofficial Bitwarden compatible server.

Update Information:

update to 1.36.0

Topics%20covered

Topics Covered

security advisory denial of service unauthorized access fedora critical information disclosure

Change Log

* Wed Jun 3 2026 Jonathan Wright - 1.36.0-1 - update to 1.36.0 rhbz#2368636 - Fix bitwarden mobile app not working rhbz#2437599 - Fix CVE-2025-58160 vaultwarden: Tracing log pollution - Fix CVE-2026-25537 vaultwarden: jsonwebtoken has Type Confusion that leads to potential authorization bypass - Fix CVE-2026-25727 vaultwarden: time affected by a stack exhaustion denial of service attack - Fix CVE-2026-26012 vaultwarden: Information disclosure due to bypassed collection permissions - Fix CVE-2026-27898 vaultwarden: Information disclosure via API partial update - Fix CVE-2026-27803 vaultwarden: Unauthorized collection management operations due to improper access control - Fix CVE-2026-27801 vaultwarden: Two-factor authentication bypass allows unauthorized access and data deletion

References

Fedora Update Notification FEDORA-2026-e14ea170b6 2026-06-12 00:58:37.608023+00:00 Name : vaultwarden Product : Fedora 44 Version : 1.36.0 Release : 1.fc44 URL : https://github.com/dani-garcia/vaultwarden Summary : Unofficial Bitwarden compatible server Description : Unofficial Bitwarden compatible server.

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-e14ea170b6' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: vaultwarden
Product: Fedora 44
Version: 1.36.0
Release: 1.fc44
URL: https://github.com/dani-garcia/vaultwarden
Summary: Unofficial Bitwarden compatible server

Topics%20covered

Topics Covered

security advisory denial of service unauthorized access fedora critical information disclosure

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here