Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache Kafka (CVE-2026-35554)

Summary A vulnerability in Apache Kafka that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2026-33558 DESCRIPTION: Information exposure vulnerability has been identified in Apache Kafka. The NetworkClient component will output entire requests and response...

CVE-2026-27900 Terraform Provider Debug Logs Vulnerable to Sensitive Information Exposure

The Terraform Provider for Linode versions prior to v3.9.0 logged sensitive information including some passwords, StackScript content, and object storage data in debug logs without redaction. Provider debug logging is not enabled by default. This issue is exposed when debug/provider logs are...

CVE-2025-12910

Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information via debug logs. Chromium security severity: Low...

EUVD-2025-38335

Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information via debug logs. Chromium security severity: Low...

CVE-2025-56675

The EKEN video doorbell T6 BT60PLUSMAINV1.0GC108420230531 periodically sends debug logs to the EKEN cloud servers with sensitive information such as the Wi-Fi SSID and password...

EUVD-2025-24680

Malicious code in bioql PyPI...

CVE-2025-48861

A vulnerability in the Task API endpoint of the ctrlX OS setup mechanism allowed a remote, unauthenticated attacker to access and extract internal application data, including potential debug logs and the version of installed apps...

CVE-2025-48861

A vulnerability in the Task API endpoint of the ctrlX OS setup mechanism allowed a remote, unauthenticated attacker to access and extract internal application data, including potential debug logs and the version of installed apps...

CVE-2023-41263

An issue was discovered in Plixer Scrutinizer before 19.3.1. It exposes debug logs to unauthenticated users at the /debug/ URL path. With knowledge of valid IP addresses and source types, an unauthenticated attacker can download debug logs containing application-related information...

CVE-2023-41263

An issue was discovered in Plixer Scrutinizer before 19.3.1. It exposes debug logs to unauthenticated users at the /debug/ URL path. With knowledge of valid IP addresses and source types, an unauthenticated attacker can download debug logs containing application-related information...

CVE-2023-41263

An issue was discovered in Plixer Scrutinizer before 19.3.1. It exposes debug logs to unauthenticated users at the /debug/ URL path. With knowledge of valid IP addresses and source types, an unauthenticated attacker can download debug logs containing application-related information...

CVE-2023-5028

A vulnerability, which was classified as problematic, has been found in China Unicom TEWA-800G 4.16L.04CT2015Yueme. Affected by this issue is some unknown functionality. The manipulation leads to information exposure through debug log file. It is possible to launch the attack on the physical...

CVE-2019-3763

The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain an information exposure vulnerability. The Office 365 user password may get logged in a plain text format in the Office 365 connector debug log file. An authenticated...