Security Advisory

CVE-2026-2808

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-11 23:08:32

Last updated 2026-04-17 17:57:55

Assigner HashiCorp

State PUBLISHED

Description

HashiCorp Consul and Consul Enterprise 1.18.20 up to 1.21.10 and 1.22.4 are vulnerable to arbitrary file read when configured with Kubernetes authentication. This vulnerability, CVE-2026-2808, is fixed in Consul 1.18.21, 1.21.11 and 1.22.5.

← Browse all CVEs View on cve.org ↗