CVE-2026-33420 Overview
CVE-2026-33420 is a missing authorization vulnerability [CWE-862] in Vaultwarden, a Bitwarden-compatible server written in Rust. The flaw resides in the get_org_collections_details endpoint, reachable at GET /api/organizations/{org_id}/collections/details. The endpoint omits the has_full_access() authorization check that protects the sibling get_org_collections endpoint. A Manager-role user with accessAll=False and no collection assignments can enumerate every collection in the organization. Exposed data includes collection names, UUIDs, user-to-collection mappings, and group-to-collection mappings. Versions 1.35.4 and earlier are affected, and version 1.35.5 contains the fix.
Critical Impact
Authenticated Manager-role users can enumerate all organization collections, users, and group mappings without holding access to those collections.
Affected Products
- Vaultwarden versions up to and including 1.35.4
- Vaultwarden Manager-role accounts with accessAll=False
- Self-hosted Bitwarden-compatible deployments using Vaultwarden
Discovery Timeline
- 2026-05-05 - CVE-2026-33420 published to NVD
- 2026-05-07 - Last updated in NVD database
Technical Details for CVE-2026-33420
Vulnerability Analysis
The vulnerability is a broken access control issue in Vaultwarden's organization API. Two sibling endpoints expose collection data: get_org_collections and get_org_collections_details. The first endpoint enforces a has_full_access() check before returning collection metadata. The second endpoint, intended to return richer detail including user and group mappings, omits that check entirely.
A Manager-role account in Bitwarden's permission model is expected to manage only collections explicitly assigned to it. When accessAll is set to False and no collections are assigned, the user should see nothing. The missing authorization check on the details endpoint breaks that boundary and returns metadata for every collection in the organization.
Root Cause
The root cause is a missing authorization gate on a privileged read endpoint. The handler for GET /api/organizations/{org_id}/collections/details proceeds directly to data retrieval without confirming the caller has full access or specific collection assignments. This is a classic CWE-862 Missing Authorization defect, where one route in a pair of similar handlers fails to replicate the access check applied to its counterpart.
Attack Vector
Exploitation requires an authenticated session as a Manager-role member of the target organization. The attacker issues a single HTTP GET request to /api/organizations/{org_id}/collections/details using the organization UUID. The server returns the full list of collections along with user and group mappings. No elevation, code execution, or vault item content disclosure occurs, but the disclosed mapping data supports targeted social engineering and lateral movement planning. Refer to the GitHub Security Advisory GHSA-jjxg-p3v6-52ww for endpoint specifics.
Detection Methods for CVE-2026-33420
Indicators of Compromise
- HTTP requests to /api/organizations/{org_id}/collections/details originating from Manager-role accounts that hold no collection assignments.
- Repeated enumeration of organization UUIDs by a single authenticated session within a short window.
- Application logs showing successful 200 responses on the details endpoint to users without accessAll privileges.
Detection Strategies
- Compare request actors against the organization's role and accessAll attributes; alert when Manager-role users with no assignments receive non-empty responses from the details endpoint.
- Baseline normal usage of collections/details per role and flag deviations.
- Correlate access patterns with subsequent authentication or sharing events that suggest reconnaissance follow-through.
Monitoring Recommendations
- Enable verbose access logging on the Vaultwarden reverse proxy and forward to a SIEM with role context.
- Track HTTP status, path, organization UUID, and authenticated user UUID on every /api/organizations/* call.
- Review audit trails for newly created Manager-role accounts and inspect their early API behavior.
How to Mitigate CVE-2026-33420
Immediate Actions Required
- Upgrade Vaultwarden to version 1.35.5 or later, which restores the has_full_access() authorization check on the details endpoint.
- Audit all Manager-role accounts for unexpected reads against /api/organizations/{org_id}/collections/details in the affected timeframe.
- Rotate or review group and collection memberships if reconnaissance is suspected.
Patch Information
The maintainers released the fix in Vaultwarden 1.35.5. The patch adds the missing authorization check to get_org_collections_details, aligning its behavior with get_org_collections. Operators running container images should pull the updated tag and redeploy. Full advisory details are available in GHSA-jjxg-p3v6-52ww.
Workarounds
- Until upgrade is possible, restrict creation of Manager-role accounts and convert affected users to roles that do not expose the endpoint.
- Block or rate-limit the /api/organizations/{org_id}/collections/details path at the reverse proxy for non-administrative accounts.
- Apply network-level access controls to limit Vaultwarden API exposure to trusted clients only.
# Pull and deploy the fixed Vaultwarden release
docker pull vaultwarden/server:1.35.5
docker stop vaultwarden && docker rm vaultwarden
docker run -d --name vaultwarden \
-v /vw-data/:/data/ \
-p 80:80 \
vaultwarden/server:1.35.5
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
