LOW
openbao
CVE published 2026-05-14
CVE-2026-42186
OpenBao versions prior to 2.5.3 contain a logic flaw in namespace deletion that can leave orphaned data when initial deletion attempts fail. The vulnerability stems from improper cleanup during retry operations, potentially affecting outstanding leases and leaving unrelated storage entries intact after a namespace is marked deleted. This represents a data integrity concern rather than direct confidentiali [truncated]