CVE-2026-43913 Overview
CVE-2026-43913 is an authorization flaw in Vaultwarden, a Bitwarden-compatible password manager server written in Rust. Versions prior to 1.35.5 fail to verify membership confirmation status on the POST /api/ciphers/purge endpoint. An authenticated user invited as an organization owner can accept the invite and immediately purge all ciphers and attachments before a legitimate owner confirms their membership. The flaw causes organization-wide data loss and falls under CWE-863 (Incorrect Authorization). Maintainer dani-garcia resolved the issue in release 1.35.5.
Critical Impact
An unconfirmed organization owner can hard-delete every cipher and attachment in a Vaultwarden organization, causing immediate and irreversible data loss.
Affected Products
- Vaultwarden versions prior to 1.35.5
- Self-hosted Bitwarden-compatible deployments using dani-garcia/vaultwarden
- Any organization configured with invite-based owner provisioning
Discovery Timeline
- 2026-05-11 - CVE-2026-43913 published to NVD
- 2026-05-13 - Last updated in NVD database
Technical Details for CVE-2026-43913
Vulnerability Analysis
Vaultwarden implements organization membership through a two-step lifecycle. A user moves from Invited to Accepted after acknowledging the invite, then to Confirmed only after an existing owner explicitly approves the membership. This separation exists to prevent unverified principals from acting with owner privileges.
The POST /api/ciphers/purge handler bypasses this lifecycle. It inspects only the membership type field and grants access when the value equals Owner, ignoring the status field. As a result, the handler treats Accepted and Confirmed owners identically. The endpoint then proceeds to hard-delete all ciphers and attachments belonging to the organization.
Root Cause
The root cause is incomplete authorization enforcement in the ciphers purge route. The handler uses plain Headers extraction instead of a guard that validates both membership type and confirmation status. Other organization-sensitive endpoints check Confirmed status, but the purge route omits this validation. The flaw is a classic CWE-863 case: a missing authorization check on a destructive operation.
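To make the root cause concrete, here is an added Rust model of the purge authorization decision. It is not Vaultwarden's code; the type, struct and function names (MembershipType, MembershipStatus, Membership, may_purge_vulnerable, may_purge_fixed, purge_handler) are assumptions, and only the Invited, Accepted and Confirmed lifecycle follows the advisory. It places the type-only check that lets an Accepted owner through beside the check that also requires Confirmed status, and runs both against a constructed organization with three ciphers.

```rust
use std::collections::HashMap;

// Added example (not Vaultwarden's code): a minimal model of the purge
// authorization decision. Enum, struct and function names are assumptions;
// the Invited -> Accepted -> Confirmed lifecycle is the one the advisory describes.

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum MembershipType { Owner, Admin, User }

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum MembershipStatus { Invited, Accepted, Confirmed }

#[derive(Debug, Clone)]
pub struct Membership {
    pub user_id: String,
    pub org_id: String,
    pub atype: MembershipType,
    pub status: MembershipStatus,
}

/// Pre-1.35.5 behaviour as the advisory describes it: only the membership
/// type is inspected, so an owner who has merely Accepted the invite passes.
pub fn may_purge_vulnerable(m: &Membership, org_id: &str) -> bool {
    m.org_id == org_id && m.atype == MembershipType::Owner
}

/// Patched behaviour: the caller must be an Owner AND already Confirmed
/// by an existing owner.
pub fn may_purge_fixed(m: &Membership, org_id: &str) -> bool {
    m.org_id == org_id
        && m.atype == MembershipType::Owner
        && m.status == MembershipStatus::Confirmed
}

/// In-memory stand-in for the ciphers table: org_id -> cipher ids.
pub type CipherStore = HashMap<String, Vec<String>>;

/// Simulated purge route. `guard` is the authorization function in use;
/// returns the number of ciphers hard-deleted, or a 403-style error.
pub fn purge_handler(
    store: &mut CipherStore,
    caller: &Membership,
    org_id: &str,
    guard: fn(&Membership, &str) -> bool,
) -> Result<usize, &'static str> {
    if !guard(caller, org_id) {
        return Err("403: caller is not a confirmed owner of this organization");
    }
    let removed = store.remove(org_id).map(|v| v.len()).unwrap_or(0);
    Ok(removed)
}

/// Constructed fixture: one organization holding three ciphers and an owner
/// who has accepted the invite but has not been confirmed.
pub fn fixture() -> (CipherStore, Membership) {
    let mut store = CipherStore::new();
    store.insert(
        "org-1".to_string(),
        vec!["c1".to_string(), "c2".to_string(), "c3".to_string()],
    );
    let unconfirmed_owner = Membership {
        user_id: "user-42".to_string(),
        org_id: "org-1".to_string(),
        atype: MembershipType::Owner,
        status: MembershipStatus::Accepted,
    };
    (store, unconfirmed_owner)
}

fn main() {
    // Same unconfirmed owner, two guards: the first deletes all three ciphers,
    // the second refuses and the store is untouched.
    let (mut store, caller) = fixture();
    println!("vulnerable guard: {:?}", purge_handler(&mut store, &caller, "org-1", may_purge_vulnerable));
    let (mut store, caller) = fixture();
    println!("fixed guard:      {:?}", purge_handler(&mut store, &caller, "org-1", may_purge_fixed));
    println!("ciphers left after fixed guard: {}", store.get("org-1").map(|v| v.len()).unwrap_or(0));
}
```

The point of keeping the guard as a separate function is that a destructive route should never reconstruct the authorization rule inline from request headers; a single guard that encodes both conditions is what the other organization-sensitive endpoints already rely on, and the purge route simply needs the same one.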
Attack Vector
An attacker requires an authenticated session and a pending owner invitation from a target organization. After accepting the invite, the attacker issues an HTTP POST request to /api/ciphers/purge with the organization identifier. The server validates only that the membership type is Owner and executes the purge. The operation deletes every cipher and attachment associated with the organization without requiring confirmation by another owner. This scenario is realistic in environments where invitations are sent to external collaborators, contractors, or addresses that have not yet been validated by an existing owner.
The vulnerability is described in prose only. See the Vaultwarden GitHub Security Advisory for additional technical context.
Detection Methods for CVE-2026-43913
Indicators of Compromise
- HTTP POST requests to /api/ciphers/purge originating from accounts whose organization membership status is Accepted but not Confirmed.
- Sudden bulk deletion of ciphers and attachments across an organization within a short time window.
- New organization owner invitations followed within minutes by purge endpoint activity from the invited account.
Detection Strategies
- Audit Vaultwarden application logs for calls to /api/ciphers/purge and correlate the calling user against the users_organizations table status column.
- Alert on cipher deletion volume that exceeds a baseline threshold per organization over a defined interval.
- Review invitation acceptance events that precede destructive API calls from the same user identifier.
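As an added example, not part of this advisory and not Vaultwarden's own log format, the following Rust program implements the first and third strategies above over constructed records: it flags a purge request from a member whose users_organizations status is not Confirmed, and a purge that follows an invite acceptance by the same user within a short window. The line format, the Record and Finding types, the parse_line, detect and sample_findings functions, and the 600-second window are all assumptions.

```rust
use std::collections::HashMap;

// Added example (not Vaultwarden's code or log format): detection logic for
// the "unconfirmed member purges" and "invite accepted, then purge" indicators,
// run over constructed records. Line format and time window are assumptions.

#[derive(Debug, Clone, PartialEq, Eq)]
pub struct Finding {
    pub user_id: String,
    pub org_id: String,
    pub reason: String,
}

/// Membership status as stored in the users_organizations status column.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Status { Invited, Accepted, Confirmed }

/// One parsed record: a purge-route access-log line, an invite lifecycle
/// event, or anything else (ignored).
#[derive(Debug, Clone)]
pub enum Record {
    Purge { ts: u64, user_id: String, org_id: String },
    InviteAccepted { ts: u64, user_id: String, org_id: String },
    Other,
}

/// Parse one constructed line. Assumed formats:
///   "<epoch_secs> <user_id> POST /api/ciphers/purge org=<org_id>"
///   "<epoch_secs> <user_id> INVITE_ACCEPTED org=<org_id>"
pub fn parse_line(line: &str) -> Record {
    let f: Vec<&str> = line.split_whitespace().collect();
    let ts = match f.first().and_then(|s| s.parse::<u64>().ok()) {
        Some(t) => t,
        None => return Record::Other,
    };
    let org = |s: &str| s.strip_prefix("org=").map(str::to_string);
    match f.as_slice() {
        [_, user, "POST", "/api/ciphers/purge", o] => match org(*o) {
            Some(org_id) => Record::Purge { ts, user_id: user.to_string(), org_id },
            None => Record::Other,
        },
        [_, user, "INVITE_ACCEPTED", o] => match org(*o) {
            Some(org_id) => Record::InviteAccepted { ts, user_id: user.to_string(), org_id },
            None => Record::Other,
        },
        _ => Record::Other,
    }
}

/// Run both rules. `memberships` maps (user_id, org_id) -> status, i.e. the
/// users_organizations snapshot; records are assumed to be in time order.
pub fn detect(
    records: &[Record],
    memberships: &HashMap<(String, String), Status>,
    window_secs: u64,
) -> Vec<Finding> {
    let mut accepted_at: HashMap<(String, String), u64> = HashMap::new();
    let mut findings = Vec::new();
    for r in records {
        match r {
            Record::InviteAccepted { ts, user_id, org_id } => {
                accepted_at.insert((user_id.clone(), org_id.clone()), *ts);
            }
            Record::Purge { ts, user_id, org_id } => {
                let key = (user_id.clone(), org_id.clone());
                // Rule 1: purge by a member whose status is not Confirmed
                // (or who has no membership row at all).
                match memberships.get(&key) {
                    Some(Status::Confirmed) => {}
                    other => findings.push(Finding {
                        user_id: user_id.clone(),
                        org_id: org_id.clone(),
                        reason: format!("purge by member with status {:?}", other),
                    }),
                }
                // Rule 2: purge shortly after the same user accepted an invite.
                if let Some(acc) = accepted_at.get(&key) {
                    if ts.saturating_sub(*acc) <= window_secs {
                        findings.push(Finding {
                            user_id: user_id.clone(),
                            org_id: org_id.clone(),
                            reason: format!("purge {} s after invite acceptance", ts - acc),
                        });
                    }
                }
            }
            Record::Other => {}
        }
    }
    findings
}

/// Constructed sample: user-7 accepts an owner invite and purges 100 s later
/// while still Accepted; user-3 is a Confirmed owner doing routine work.
pub fn sample_findings() -> Vec<Finding> {
    const SAMPLE_LOG: &[&str] = &[
        "1778580000 user-7 INVITE_ACCEPTED org=org-1",
        "1778580100 user-7 POST /api/ciphers/purge org=org-1",
        "1778583000 user-3 POST /api/ciphers/purge org=org-1",
        "1778583100 user-3 GET /api/sync",
    ];
    let records: Vec<Record> = SAMPLE_LOG.iter().map(|l| parse_line(l)).collect();
    let mut memberships: HashMap<(String, String), Status> = HashMap::new();
    memberships.insert(("user-7".into(), "org-1".into()), Status::Accepted);
    memberships.insert(("user-3".into(), "org-1".into()), Status::Confirmed);
    detect(&records, &memberships, 600)
}

fn main() {
    for f in sample_findings() {
        println!("{} / {}: {}", f.user_id, f.org_id, f.reason);
    }
}
```

Rule 1 is the strong signal for this CVE, since a Confirmed owner purging is legitimate use; rule 2 is kept because a purge minutes after an invite is worth a look even on a patched instance, and because the membership snapshot may have changed by the time logs are reviewed.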
Monitoring Recommendations
- Forward Vaultwarden reverse proxy access logs to a centralized log platform and retain them for forensic review.
- Enable database-level auditing on the ciphers and attachments tables to capture mass-delete operations.
- Track organization owner invitation lifecycle events and flag any owner action performed before status reaches Confirmed.
How to Mitigate CVE-2026-43913
Immediate Actions Required
- Upgrade Vaultwarden to version 1.35.5 or later on all self-hosted instances.
- Audit pending organization invitations and revoke any invites issued to untrusted or unverified addresses.
- Verify recent backups of the Vaultwarden data directory and database before applying the upgrade.
Patch Information
The maintainer fixed CVE-2026-43913 in Vaultwarden 1.35.5. The patch adds a confirmation status check to the POST /api/ciphers/purge route so that only members with Confirmed status and Owner type can invoke the operation. Release details are available in the Vaultwarden GitHub Security Advisory GHSA-937x-3j8m-7w7p.
Workarounds
- Restrict network access to the Vaultwarden API behind a reverse proxy that blocks /api/ciphers/purge until the upgrade is complete.
- Avoid issuing organization owner invitations until the instance is patched to 1.35.5.
- Maintain frequent encrypted backups of the Vaultwarden database to enable recovery from accidental or malicious purges.
# Example reverse proxy block for the vulnerable endpoint (nginx)
location = /api/ciphers/purge {
    return 403;
}
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.