CVE-2026-5052 — Information Disclosure

/MEDIUM
Written by SCW Vulnerability Desk Vulnerability Intelligence
National Vulnerability Database vulnerabilitycvemedium-severityinformation-disclosurecwe-918
CVE-2026-5052 — Information Disclosure

Image via images.unsplash.com

CVE-2026-5052 — Vault’s PKI engine’s ACME validation did not reject local targets when issuing http-01 and tls-alpn-01 challenges. This may lead to these requests being sent to local network targets, potentially leading to information disclosure. Fixed in Vault Community Edition 2.0.0 and Vault Ente

What This Means For You

  • If your environment is affected by CWE-918, review your exposure and prioritize patching based on your environment. Monitor vendor advisories for CVE-2026-5052 updates and patches.

Related ATT&CK Techniques

T1595.002 Scanning for Vulnerabilities Reconnaissance T1190 Exploit Public-Facing Application Initial Access T1041 Exfiltration Over C2 Channel Exfiltration

🛡️ Detection Rules

4 rules · 6 SIEM formats

4 auto-generated detection rules for this incident, mapped to MITRE ATT&CK. Available in Sigma, Splunk SPL, Sentinel KQL, Elastic Lucene, QRadar AQL, and Wazuh.

high T1190 Initial Access

Web Application Exploitation Attempt — CVE-2026-5052

Sigma YAML — free preview
✓ Sigma 🔒 Splunk SPL 🔒 Sentinel KQL 🔒 Elastic 🔒 QRadar AQL 🔒 Wazuh

Want this in your SIEM's native format? Get Splunk SPL, Sentinel KQL, Elastic, QRadar AQL, or Wazuh — ready to paste.

4 Sigma rules mapped to the ATT&CK techniques from this breach — pick your SIEM and get a ready-to-paste query.

Get All SIEM Formats →

Indicators of Compromise

IDTypeIndicator
CVE-2026-5052 vulnerability CVE-2026-5052
CWE-918 weakness CWE-918

Written by SCW Vulnerability Desk

Source & Attribution
Source PlatformNVD
ChannelNational Vulnerability Database
PublishedApril 17, 2026 at 07:16 UTC

This content was curated and summarized by Shimi's Cyber World for informational purposes. It is not copied or republished in full. All intellectual property rights remain with the original author and source.

Believe this infringes your rights? Submit a takedown request.

Related Posts

CVE-2026-6080 — SQL Injection

CVE-2026-6080 — The Tutor LMS plugin for WordPress is vulnerable to SQL Injection in versions up to and including 3.9.8. This is due to insufficient...

vulnerabilityCVEmedium-severitysql-injectioncwe-89
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

Vault DoS: Unauthenticated Attackers Can Block Critical Operations

CVE-2026-5807 — Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying...

vulnerabilityCVEhigh-severitycwe-770
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs

CVE-2026-5502 — The Tutor LMS – eLearning and online course solution plugin

CVE-2026-5502 — The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized course content manipulation in versions up to...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs