CVE-2026-32693 in Jujuinfo

Zusammenfassung

von MITRE • 18.03.2026

In Juju from version 3.0.0 through 3.6.18, the authorization of the "secret-set" tool is not performed correctly, which allows a grantee to update the secret content, and can lead to reading or updating other secrets. When the "secret-set" tool logs an error in an exploitation attempt, the secret is still updated contrary to expectations, and the new value is visible to both the owner and the grantee.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

Canonical

Reservieren

13.03.2026

Veröffentlichung

18.03.2026

Moderieren

akzeptiert

Eintrag

VDB-351531

CPE

bereit

CWE

CWE-863 (bestätigt)

CVSS

8.8 (CNA)

EPSS

0.00081

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-32693
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-32693
CVE Details	https://www.cvedetails.com/cve/CVE-2026-32693/

◂ Zurück Übersicht Weiter ▸

Interested in the pricing of exploits?

See the underground prices here!