MagnusBilling Login Logs - Cross-Site Scripting

Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling login logging allows unauthenticated users to store HTML content in the viewable log component accessible at /mbilling/index.php/logUsers/read" cross-site scripting This vulnerability is...

CVE-2026-8330 Insertion of Sensitive Information into Log File in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed sensitive information to be written to application logs due to insufficient filtering in a CI/CD API endpoint...

CVE-2026-8330

GitLab CE/EE versions affected: all 9.3–<18.11.6, 19.0–<19.0.3, and 19.1–

CVE-2026-12053 Insertion of Sensitive Information into Log File in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 19.1 before 19.1.1 that under certain conditions could have allowed a user to access sensitive information that had already been committed to a project, due to insufficient output filtering in Duo Workflows...

CVE-2026-12053

GitLab EE prior to 19.1.1 (i.e., 19.1.0) was affected by an information-disclosure issue caused by insufficient output filtering in Duo Workflows, potentially allowing a user to access sensitive data already committed to a project. The issue has been remediated by patching to 19.1.1. Impact: high...

EUVD-2026-38229

MISP allowed a site administrator to configure an arbitrary filesystem path for the NDJSON error log used by JsonLogTool. Because log entries can include attacker-controlled content, an authenticated attacker with site administrator privileges could direct log output to a PHP file in a...

CVE-2026-7547 Woosa <= 2.0.5 - Authenticated (Administrator+) Arbitrary File Read via 'log_file' Parameter

The Woosa – Marktplaats for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Read via Path Traversal in versions up to and including 2.0.4. This is due to insufficient path sanitization in the renderlogsui function, which accepts a base64-encoded file name from the 'logfile' GET...

Insertion of Sensitive Information into Log File

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the error handling process for certain API and WebSocket routes, where unsanitized exception...

CVE-2026-44809

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

PT-2026-48500

In Splunk SOAR Security Orchestration, Automation, and Response versions below 8.5.0, an unauthenticated attacker could inject American National Standards Institute ANSI escape codes into SOAR application log files through specially crafted HTTP request paths, which a terminal emulator might...

CVE-2026-44809

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

CVE-2026-44809 Windows Common Log File System Driver Elevation of Privilege Vulnerability

...

CVE-2026-44809

The vulnerability CVE-2026-44809 involves use-after-free in the Windows Common Log File System (CLFS) Driver. An authorized local attacker can elevate privileges. The data provided does not specify affected Windows versions, patch details, or remediation steps. No exploit specifics are documented...

EUVD-2026-35743

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

CVE-2026-44809 Windows Common Log File System Driver Elevation of Privilege Vulnerability

...

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

PT-2026-47925

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

Microsoft Windows Common Log File System Driver 资源管理错误漏洞

The Microsoft Windows Common Log File System Driver provides a high-performance, general-purpose log file subsystem. Dedicated client applications can utilize this subsystem, and multiple clients can share it to optimize log access. The Microsoft Windows Common Log File System Driver has a resour...

Insertion of Sensitive Information into Log File

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the INFO level logging when chaincode is deployed in chaincode-as-a-service mode with TLS enabled. An attacker can obtain sensitive information TLS private key by accessing the server...

CVE-2026-2401

CWE-532 Insertion of Sensitive Information into Log File vulnerability exists that could cause confidential information to be exposed when a Web Admin user executes a malicious file provided by an attacker...