ANAVEM
News
CybersecurityMicrosoftAppleGoogleCloudTech
TutorialsTools
LanguageFR
HighSoftware & Platforms

Vaultwarden 1.35.4 fixes three critical vulnerabilities

Emanuel DE ALMEIDA 3 March 2026 2 min read 7 views 0 Comments

Last updated 9 March 2026

Salle serveur moderne avec interfaces de gestion sécurisée des mots de passe

Vaultwarden releases version 1.35.4 to fix three security vulnerabilities in the self-hosted alternative to Bitwarden.

Key Takeaways

  • Version: Vaultwarden 1.35.4
  • Fixes: 3 security vulnerabilities
  • Action required: Immediate update recommended
  • Product: Self-hosted alternative to Bitwarden

Vaultwarden 1.35.4 released on March 3, 2026

The Vaultwarden team released version 1.35.4 of its self-hosted password manager on Tuesday to fix three security vulnerabilities. This security update comes five days after the discovery of vulnerabilities in the open source alternative to Bitwarden.

Developers recommend immediate installation for all users hosting their own Vaultwarden instance. No technical details about the vulnerabilities have been disclosed to prevent exploitation.

Vaultwarden users affected by the update

All administrators of self-hosted Vaultwarden instances must update to version 1.35.4. Users of the official Bitwarden cloud service are not affected by these specific vulnerabilities.

The update is available through the usual distribution channels: Docker Hub, GitHub Releases, and Linux package managers. The standard update process applies with no data migration necessary.

Three vulnerabilities fixed in Vaultwarden

Version 1.35.4 addresses three distinct security vulnerabilities identified in the Vaultwarden code. Developers have not published CVEs or technical details to limit the risk of exploitation before instances are updated.

This responsible disclosure approach follows standard practices for password managers, where user data security takes precedence over immediate technical transparency.

About the Author

Emanuel DE ALMEIDA

Emanuel DE ALMEIDA

Senior IT Journalist & Cloud Architect

Microsoft MCSA-certified Cloud Architect | Fortinet-focused. I modernize cloud, hybrid & on-prem infrastructure for reliability, security, performance and cost control - sharing field-tested ops & troubleshooting.

#vaultwarden#security#update

Frequently Asked Questions

What exactly is Vaultwarden?
Vaultwarden is an alternative and open-source implementation of the Bitwarden server, allowing for self-hosting of a password manager. It offers the same features as Bitwarden but with fewer system resources required.
How to update to Vaultwarden 1.35.4?
The update is performed via Docker Hub, GitHub Releases, or Linux package managers depending on your installation. No data migration is necessary, the standard update process applies.
Are Bitwarden cloud users affected?
No, these vulnerabilities only affect self-hosted Vaultwarden instances. Users of the official Bitwarden cloud service are not impacted by these specific flaws.

Discussion

Share your thoughts and insights

You must be logged in to comment.

Log in
Loading comments...

Related Intelligence

Healthcare data center with servers and warning lights indicating security breach
High
Data Breaches

Cognizant TriZetto breach exposes 3.4M patient records

3 days ago2 min
Dark server room showing DNS infrastructure and network security monitoring systems
Medium
Cyber Attacks

Hackers Exploit .arpa DNS to Bypass Email Security

1 day ago2 min
WordPress admin dashboard displaying user management interface in dark cybersecurity setting
Critical
Vulnerabilities

WordPress Plugin Bug Lets Hackers Create Admin Accounts

4 days ago2 min
Computer screens showing corrupted wiki pages with malicious JavaScript code in dark server room
High
Cyber Attacks

Wikipedia Hit by Self-Propagating JavaScript Worm

4 days ago2 min