Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2026/05/19 12:31 p.m.9 views

Vaadin Build Plugins is Affected by a Possible Information Disclosure Vulnerability

A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials...

5.8CVSS5.8AI score0.00117EPSS
Exploits0References4Affected Software3
Vulnrichment
Vulnrichment
added 2026/05/19 11:1 a.m.12 views

CVE-2026-7860 Possible information disclosure of environment variables in Vaadin Build Plugins via Failed Frontend Build

A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials...

5.8CVSS5.8AI score0.00117EPSS
Exploits0References2
CVE
CVE
added 2026/05/19 11:1 a.m.22 views

CVE-2026-7860

CVE-2026-7860 describes an information-disclosure risk in Vaadin build tools: Vaadin Maven/Gradle plugins can print the full set of environment variables to build logs when a frontend build fails (non-zero exit). This can expose credentials/secrets in CI logs and artifacts. Affected ranges and fi...

5.8CVSS5.8AI score0.00117EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/27 12:0 a.m.4 views

PT-2025-39354

Name of the Vulnerable Software and Affected Versions Nx affected versions not specified Description A malicious code insertion occurred within the Nx build system package and associated plugins, distributed through the npm software registry as part of a supply-chain attack. The compromised...

9.6CVSS7.5AI score0.00527EPSS
Exploits0References28
Rows per page
Query Builder