A vulnerability marked as critical has been reported in HashiCorp Vault and Vault Enterprise up to 2.0.0. This impacts an unknown function of the component Audit Device Handler. The manipulation leads to path traversal.

This vulnerability is traded as CVE-2026-5051. Access to the local network is required for this attack to succeed. There is no exploit available.

It is suggested to upgrade the affected component.