HashiCorp Consul <1.21.10 vulnerable to arbitrary file read via K8s auth
CVE-2026-2808 Published on March 11, 2026
Consul vulnerable to arbitrary file reads through the Vault Kubernetes authentication provider
HashiCorp Consul and Consul Enterprise 1.18.20 up to 1.21.10 and 1.22.4 are vulnerable to arbitrary file read when configured with Kubernetes authentication. This vulnerability, CVE-2026-2808, is fixed in Consul 1.18.21, 1.21.11 and 1.22.5.
Weakness Type
What is an Insecure Temporary File Vulnerability?
The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
CVE-2026-2808 has been classified as an insecure temporary file vulnerability or weakness.
Products Associated with CVE-2026-2808
Affected Versions
HashiCorp Consul:
- Before 1.22.5 is affected.