


Perceptive Security
SOC/SIEM Consultancy

OpenBao is an open source identity-based secrets management system. Prior to version 2.5.2, OpenBao does not prompt for user confirmation when logging in via JW…
Published:
26 March 2026 at 23:00:00
Alert date:
27 March 2026 at 20:07:04
Source:
nvd.nist.gov
Identity & Access, Security Tools
OpenBao versions prior to 2.5.2 contain an authentication bypass vulnerability in JWT/OIDC login with direct callback mode. The vulnerability allows attackers to perform remote phishing attacks by tricking victims into visiting URLs that automatically log them into the attacker's session. The direct mode bypasses user confirmation prompts and allows attackers to poll for OpenBao tokens. Version 2.5.2 fixes this by adding a confirmation screen requiring manual user interaction. Workarounds include removing roles with callback_mode=direct or enforcing confirmation on the token issuer side.
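As an added defender-side check (not code from the advisory or the OpenBao project): the script below flags JWT/OIDC auth roles configured with callback_mode=direct, which the advisory names as the workaround target, and compares a reported OpenBao version against the fixed 2.5.2. The auth mount name `jwt`, the Vault-compatible HTTP paths and the `X-Vault-Token` header are assumptions; the sample role data is constructed.

```python
"""Audit OpenBao JWT/OIDC roles for callback_mode=direct (CVE-2026-33757)."""
import json
import urllib.request

FIXED_VERSION = (2, 5, 2)


def vulnerable_version(version: str) -> bool:
    """True when the reported server version is older than the fixed 2.5.2."""
    core = version.lstrip("v").split("-")[0]          # drop "v" prefix and "-beta" etc.
    parts = tuple(int(p) for p in core.split(".")[:3])
    return parts < FIXED_VERSION


def direct_callback_roles(roles: dict) -> list:
    """Return role names whose callback_mode is 'direct'.

    Before 2.5.2 this mode skipped the user confirmation step, so these roles
    are the ones the advisory suggests removing or reconfiguring.
    """
    return sorted(name for name, cfg in roles.items()
                  if cfg.get("callback_mode") == "direct")


def fetch_roles(addr: str, token: str, mount: str = "jwt") -> dict:
    """Read every role under auth/<mount> via the (assumed) Vault-compatible API."""
    def get(path):
        req = urllib.request.Request(f"{addr}/v1/{path}",
                                     headers={"X-Vault-Token": token})
        with urllib.request.urlopen(req, timeout=10) as resp:
            return json.load(resp)["data"]
    names = get(f"auth/{mount}/role?list=true").get("keys", [])
    return {name: get(f"auth/{mount}/role/{name}") for name in names}


# Constructed sample roles standing in for the output of fetch_roles().
SAMPLE_ROLES = {
    "ci-direct":    {"role_type": "oidc", "callback_mode": "direct"},
    "devs-client":  {"role_type": "oidc", "callback_mode": "client"},
    "machines-jwt": {"role_type": "jwt"},
}

if __name__ == "__main__":
    print("vulnerable version 2.5.1:", vulnerable_version("2.5.1"))
    print("roles to review:", direct_callback_roles(SAMPLE_ROLES))
```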
Affected products:
OpenBao
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-33757
https://datatracker.ietf.org/doc/html/rfc8628#section-5.4
https://github.com/openbao/openbao/commit/e32103951925723e9787e33886ab6b6ec20f4964
https://github.com/openbao/openbao/security/advisories/GHSA-7q7g-x6vg-xpc3
This article was created with the assistance of AI technology by Perceptive.
