CVE-2026-45046

Gryph provides a security layer for AI coding agents. Prior to 0.7.0, Gryph implements logging levels that determine what content is logged to a local sqlite database. The README incorrectly mentions that the default log level is minimal while it is standard. Source code review shows sensitive...

CVE-2026-8671

Insertion of sensitive information into log file vulnerability in syslink software AG Avantra on Linux, Windows allows Resource Leak Exposure. This issue affects Avantra: before 25.3.0...

Insertion of Sensitive Information into Log File

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the LoggingRestClientCustomizer method. An attacker can access sensitive information by triggering HTTP requests that result in error responses, causing the full request body, response...

ROS-20260420-73-0022

Vulnerability in python-aiohttp related to redundant data logging. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2026-2401

CWE-532 Insertion of Sensitive Information into Log File vulnerability exists that could cause confidential information to be exposed when a Web Admin user executes a malicious file provided by an attacker...

CVE-2026-2401

Technical details for CVE-2026-2401 are not publicly available in the provided documents; monitor for updates.

CVE-2025-70040

An issue pertaining to CWE-532: Insertion of Sensitive Information into Log File was discovered in LupinLin1 jimeng-web-mcp v2.1.2. This allows an attacker to obtain sensitive information...

CVE-2026-2502

The xmlrpc attacks blocker plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0, via the 'X-Forwarded-For' HTTP header. This is due to the plugin trusting and logging attacker-controlled IP header data and rendering debug log entries without outp...

EUVD-2026-1996

hermes's raw options logging may disclose secrets passed in via subcommand options argument...

CVE-2025-14432

In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center TAC to make device configuration changes. The affected log file is visible only to users with admin credentials. This is limited to Microsoft TAC and does not affect configuration...

CVE-2025-9127

A vulnerability exists in PX Enterprise whereby sensitive information may be logged under specific conditions...

PT-2025-49111

Name of the Vulnerable Software and Affected Versions PX Enterprise affected versions not specified Description A flaw exists in PX Enterprise that could lead to the logging of sensitive information under certain circumstances. Approximately 10,000 devices worldwide may be affected. There are no...

CVE-2025-11248 Sensitive Information Logged

ZohoCorp ManageEngine Endpoint Central versions prior to 11.4.2528.05 are vulnerable to a sensitive information logging issue. An authenticated user with access to the logs could potentially obtain the sensitive agent token...

IBM Transformation Extender Advanced Log Message Disclosure Vulnerability

IBM Transformation Extender Advanced is a data transformation, validation and standardization tool software from International Business Machines IBM. IBM Transformation Extender Advanced suffers from a log information disclosure vulnerability that originates from storing sensitive information in ...

EUVD-2025-35091

Actual Sync-server Gocardless service is logging sensitive data including bearer tokens and account numbers...

EUVD-2020-29144

Malware in sbrugna...

EUVD-2021-13797

Malware in sbrugna...

EUVD-2020-28347

Malware in sbrugna...

PT-2025-40862

Name of the Vulnerable Software and Affected Versions Affected versions not specified Description The system logs data from POST requests without validation. Specifically, when a user attempts to log in with incorrect credentials, the request data is logged. It is possible to send excessively lar...

EUVD-2024-37245

Malicious code in bioql PyPI...