CVE-2026-42826

Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized attacker to disclose information over a network...

CVE-2026-42826

Technical details are not publicly available in the provided documents; no affected products/versions/vectors or remediation are specified here. Monitor for updates from official sources.

Azure DevOps Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized attacker to disclose information over a network...

Security Bulletin: Multiple vulnerabilities in IBM DevOps Solution Workbench

Summary Multiple vulnerabilities were addressed in IBM DevOps Solution Workbench version 5.1.2 Vulnerability Details CVEID:CVE-2026-6951 DESCRIPTION: Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution RCE due to an incomplete fix for CVE-2022-25912 that block...

KLA91028 OSI vulnerability in Microsoft Developer Tools

An information disclosure vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2026-42826 Exploitation Related products Microsoft-Azure CVE list CVE-2026-42826 critical Solution Install...

Microsoft Azure DevOps 信息泄露漏洞

Microsoft Azure DevOps is a team collaboration platform provided by the American company Microsoft. There is an information leakage vulnerability in Microsoft Azure DevOps. This vulnerability stems from the exposure of sensitive information to unauthorized participants, which may allow unauthoriz...

PT-2026-38587

Name of the Vulnerable Software and Affected Versions Azure DevOps affected versions not specified Description Exposure of sensitive information in Azure DevOps allows an unauthorized actor to disclose information over a network. Recommendations At the moment, there is no information about a newe...

PT-2026-36667

CVE-2026-30412 SentinelCloud, AI-Driven Autonomous DevOps Engineer One closed loop. Five agents. Seven scenarios. Zero hallucinated kubectl. Live demo https://t.co/ocEWNzLf9Z...

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of AsyncHttpClient

Summary Due to use of AsyncHttpClient, DevOps Test Performance and Rational Performance Tester contain a potential vulnerability where Authorization/Proxy-Authorization headers are improperly leaked. Vulnerability Details CVEID:CVE-2026-40490 DESCRIPTION: The AsyncHttpClient AHC library allows Ja...

Security Bulletin: Rational Test Automation Server is vulnerable to request smuggling using CRLF injection due to netty-codec-http (CVE-2025-67735)

Summary Due to use of netty-codec-http, Rational Test Automation Server and IBM DevOps Test Hub contain a CRLF injection based request smuggling vulnerability CVE-2025-67735. The netty-codec-http java library is used for asynchronous HTTP handling capabilities. Vulnerability Details...

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the path-to-regexp library

Summary Due to use of the path-to-regexp library, DevOps Test Performance and Rational Performance Tester contain a potential Regular Expression Denial of Service ReDoS vulnerability. Vulnerability Details CVEID:CVE-2026-4923 DESCRIPTION: Impact: When using multiple wildcards, combined with at...

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the path-to-regexp package

Summary Due to use of the path-to-regexp package, DevOps Test Performance and Rational Performance Tester contain a potential Regular Expression Denial of Service ReDoS vulnerability. Vulnerability Details CVEID:CVE-2026-4867 DESCRIPTION: Impact: A bad regular expression is generated any time you...

Security Bulletin: DevOps Test Performance contains a vulnerability due to use of Spring Boot

Summary Due to use of Spring Boot, DevOps Test Performance and Rational Performance Tester contain a potential authentication bypass vulnerability. Vulnerability Details CVEID:CVE-2026-22731 DESCRIPTION: Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass"...

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of Spring Framework MVC and WebFlux

Summary Due to use of Spring Framework MVC and WebFlux, DevOps Test Performance and Rational Performance Tester contain a potential stream corruption vulnerability. Vulnerability Details CVEID:CVE-2026-22735 DESCRIPTION: Spring MVC and WebFlux applications are vulnerable to stream corruption when...

Security Bulletin: DevOps Test Performance contains a vulnerability related to use Apache CXF

Summary Due to use of Apache CXF, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service DoS vulnerability. Vulnerability Details CVEID:CVE-2025-23184 DESCRIPTION: A potential denial of service vulnerability is present in versions of Apache CXF before 3.5.10...

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Undertow web server

Summary Due to use of the Undertow web server, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service DoS vulnerability. Vulnerability Details CVEID:CVE-2025-9784 DESCRIPTION: A flaw was found in Undertow where malformed client requests can trigger server-si...

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of Apache Commons Lang

Summary Due to use of Apache Commons Lang, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service DoS vulnerability. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apach...

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Spring Framework

Summary Due to use of the Spring Framework, DevOps Test Performance and Rational Performance Tester contain a potential path traversal vulnerability. Vulnerability Details CVEID:CVE-2026-22737 DESCRIPTION: Use of Java scripting engine enabled e.g. JRuby, Jython template views in Spring MVC and...

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Netty framework

Summary Due to use of the Netty framework, DevOps Test Performance and Rational Performance Tester contain a potential HTTP request smuggling vulnerability. Vulnerability Details CVEID:CVE-2026-33870 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In versions...

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the brace-expansion Node.js library

Summary Due to use of the brace-expansion Node.js library, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service DoS vulnerability. Vulnerability Details CVEID:CVE-2026-33750 DESCRIPTION: The brace-expansion library generates arbitrary strings containing a...