Update docker.io/hashicorp/vault Docker tag to v2.0.3

v2.0.3

Compare Source

June 17, 2026

SECURITY:

• auth/radius: Added case_insensitive_names toggle to prevent username collisions and enable case-insensitive user handling.
• core/acl: Fix LIST ACL bypass where a trailing-slash request could skip a more-specific deny rule.
• core: Use constant-time recovery token comparison
• secrets/spiffe (enterprise): Ensure template values are properly escaped.
• transform (enterprise): Add appropriate db specific quoting and escaping.

CHANGES:

• auth/cf: Update plugin to v0.23.1
• core/acl: LIST requests with a trailing slash now correctly respect more-specific deny policies. Previously, a deny on path "kv/*" { deny } could be bypassed for LIST kv/private/ if a broader allow path "kv/*" also existed. Policies relying on the previous (incorrect) behavior may now be denied.
• core: Vault will now redirect non-canonicalized paths (containing /./, /../, or //) to a cleaned path, instead of rejecting these requests
• secrets/azure: Update plugin to v0.26.5+ent

FEATURES:

• AI Agent Support (Beta/Enterprise): Adds beta support for first-class AI agents. Adds
  an Agent Registry to register agents, and adds support for using Vault as an OAuth resource server
  for registered agent entities. When configured, allows OAuth 2.0 JWTs to be used to directly authorize
  requests to Vault, without needing a Vault token.

IMPROVEMENTS:

• consumption-billing: Add a new sys/billing/config endpoint to allow configuration of billing data retention (min 13 months, max 6 years).
• core (Enterprise): Make deadlock detection in sealwrap configurable by adding "sealwrap" to existing configuration detect_deadlocks.
• identity/scim (enterprise): Update PATCH operations on scim/v2/Users to allow multiple modifications in the same patch call, support for patch operations on user metadata and name in addition to active status, and allow specifying path value in patch operations
• sdk/helper/keysutil: The lock manager's GetPolicy function now always returns a locked Policy, even when caching is
  enabled. The PolicyRequest struct has a new field to indicate whether the caller requires a write lock on the policy.
• ui (enterprise): Migrate charts from Lineal to Carbon Charts in the Client usage overview and Vault usage dashboard.

BUG FIXES:

• core/rotationMgr: Fix storage routing for local mounts in namespaces to prevent metadata replication and ensure GDPR compliance.
• kmip (enterprise): Fix a bug that prevents the legacy CA from working on a named listener.
• secret-sync (enterprise): Fix GCP Secret Manager replication policy persistence across Vault restarts.
• secrets/database/mssql: Deregister stale TLS configurations when MySQL connection TLS settings change or the connection is closed, preventing retained certificate pools from accumulating.
• secrets/pki: Fix PKI certificate issuance not_after time to respect max TTL.
• secrets/transit: Add managed key support to Transit rewrap endpoint.
• storage/raft: reject performance_multiplier values less than or equal to zero