Lucene search
K

1268 matches found

Github Security Blog
Github Security Blog
added 2026/05/14 6:25 p.m.16 views

dbt MCP Server Transmits All MCP Tool Arguments Including Raw SQL and --vars Credentials to dbt Labs Telemetry by Default Without Redaction

Discovered through manual source code review. Verified by PoC execution against a local dbt-mcp v1.15.1 installation. Summary DefaultUsageTracker.emittoolcalledevent in src/dbtmcp/tracking/tracking.py serializes the complete arguments dictionary of every MCP tool call and transmits it verbatim to...

6AI score0.00042EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/14 6:24 p.m.14 views

dbt MCP Server Logs Tool Arguments Including SQL Queries and Credentials in Plaintext Without Redaction When File Logging Is Enabled

Discovered through manual source code review. Verified by PoC execution against a local dbt-mcp v1.15.1 installation. Summary DbtMCP.calltool in src/dbtmcp/mcp/server.py logs the complete raw arguments dictionary at INFO level on every tool invocation line 67 and again at ERROR level if the call...

6AI score0.00012EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-8200

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not...

5.3CVSS5.8AI score0.00204EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.14 views

PT-2026-41149

Discovered through manual source code review. Verified by PoC execution against a local dbt-mcp v1.15.1 installation. Summary DbtMCP.call tool in src/dbt mcp/mcp/server.py logs the complete raw arguments dictionary at INFO level on every tool invocation line 67 and again at ERROR level if the cal...

2.5CVSS6AI score0.00012EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-40961

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager versions prior to 26.0.1 Description A flaw in the web UI of Cisco Catalyst SD-WAN Manager allows an authenticated remote attacker with read-only permissions to elevate their privileges to those of a high-privileg...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/13 8:23 p.m.13 views

CVE-2026-28943

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to determine kernel memory layout...

7.5CVSS5.8AI score0.0044EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/13 8:21 a.m.14 views

CVE-2026-28923

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A malicious app may be able to break out of its sandbox...

8.8CVSS5.8AI score0.00154EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/05/13 8:1 a.m.11 views

jq: Embedded NUL in jq import paths causes local redaction-policy bypass and preserves sensitive fields in published artifacts

...

4.4CVSS5.8AI score0.00157EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2026/05/13 12:8 a.m.11 views

CVE-2026-8200 Schema validation log messages may not redact user data

When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not have all user data redacted. This issue impacts MongoDB Server v7.0 versions prior to 7.0.34, v8.0 versions prior to 8.0.23, v8.2 version...

4.8CVSS5.8AI score0.00204EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/13 12:8 a.m.61 views

CVE-2026-8200 Schema validation log messages may not redact user data

When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not have all user data redacted. This issue impacts MongoDB Server v7.0 versions prior to 7.0.34, v8.0 versions prior to 8.0.23, v8.2 version...

4.8CVSS0.00204EPSS
Exploits0References1
CVE
CVE
added 2026/05/13 12:8 a.m.41 views

CVE-2026-8200

The CVE-2026-8200 entry covers MongoDB Server: affected versions are v7.0 before 7.0.34, v8.0 before 8.0.23, v8.2 before 8.2.9, and v8.3 before 8.3.2. When schema validation is enabled and an update/insert would violate the schema, the generated local server log message may not redact all user da...

5.3CVSS5.8AI score0.00204EPSS
Exploits0References1Affected Software1
MongoDB
MongoDB
added 2026/05/13 12:8 a.m.17 views

Schema validation log messages may not redact user data

When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not have all user data redacted. This issue impacts MongoDB Server v7.0 versions prior to 7.0.34, v8.0 versions prior to 8.0.23, v8.2 version...

5.3CVSS5.8AI score0.00204EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/05/11 9:31 p.m.10 views

EUVD-2026-29281

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to leak sensitive kernel state...

5.8AI score0.0044EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/11 9:31 p.m.9 views

EUVD-2026-29252

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to determine kernel memory layout...

5.8AI score0.0044EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/11 9:31 p.m.9 views

EUVD-2026-29243

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A malicious app may be able to break out of its sandbox...

5.8AI score0.00154EPSS
Exploits0References4
NVD
NVD
added 2026/05/11 9:18 p.m.14 views

CVE-2026-28987

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to leak sensitive kernel state...

7.5CVSS0.0044EPSS
Exploits0References7
NVD
NVD
added 2026/05/11 9:18 p.m.10 views

CVE-2026-28943

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to determine kernel memory layout...

7.5CVSS0.0044EPSS
Exploits0References7
NVD
NVD
added 2026/05/11 9:18 p.m.10 views

CVE-2026-28923

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A malicious app may be able to break out of its sandbox...

8.8CVSS0.00154EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/11 8:8 p.m.30 views

CVE-2026-28987

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to leak sensitive kernel state...

0.0044EPSS
Exploits0References7
CVE
CVE
added 2026/05/11 8:8 p.m.18 views

CVE-2026-28987

The CVE-2026-28987 describes a logging issue that could cause leakage of sensitive kernel state due to insufficient data redaction. Apple fixed this by improving data redaction in the kernel logging path. Affected updates include iOS 18.7.9 / iPadOS 18.7.9, iOS 26.5 / iPadOS 26.5, macOS Sequoia 1...

7.5CVSS5.8AI score0.0044EPSS
Exploits0References7Affected Software5
Rows per page
Query Builder