11 matches found
FlowiseAI Vulnerable to Credential Data Leak
Severity: HIGH CVSS 7.5 Type: CWE-200 Exposure of Sensitive Information File: packages/server/src/services/credentials/index.ts:62-71 Description: When credentials are fetched with a credentialName filter parameter, the encryptedData field is NOT stripped from the response. The code properly omit...
GHSA-7G73-99R4-M4MJ FlowiseAI Vulnerable to Credential Data Leak
Severity: HIGH CVSS 7.5 Type: CWE-200 Exposure of Sensitive Information File: packages/server/src/services/credentials/index.ts:62-71 Description: When credentials are fetched with a credentialName filter parameter, the encryptedData field is NOT stripped from the response. The code properly omit...
PT-2026-41208
Severity: HIGH CVSS 7.5 Type: CWE-200 Exposure of Sensitive Information File: packages/server/src/services/credentials/index.ts:62-71 Description: When credentials are fetched with a credentialName filter parameter, the encryptedData field is NOT stripped from the response. The code properly omit...
CVE-2025-43697
Improper Preservation of Permissions vulnerability in Salesforce OmniStudio DataMapper allows exposure of encrypted data. This impacts OmniStudio: before Spring 2025...
CVE-2025-43700
Improper Preservation of Permissions vulnerability in Salesforce OmniStudio FlexCards allows exposure of encrypted data. This impacts OmniStudio: before Spring 2025...
CVE-2025-43697
CVE-2025-43697 is a Salesforce OmniStudio (DataMapper) issue described as Improper Preservation of Permissions, enabling exposure of encrypted data for affected records when field-level permissions are not enforced. Public details indicate the vulnerability affects OmniStudio before Spring 2025 a...
CVE-2025-43700
CVE-2025-43700 is a vulnerability in Salesforce OmniStudio (FlexCards) described as Improper Preservation of Permissions that can expose encrypted data. Public sources (NVD/NVD-derived entries) state impact on OmniStudio versions before Spring 2025 with a CVSS v3.1 base score of 7.5 (HIGH), indic...
PT-2025-22117 · Salesforce · Omnis Studio
Name of the Vulnerable Software and Affected Versions: Salesforce OmniStudio versions prior to Spring 2025 Description: The issue is related to an Improper Preservation of Permissions vulnerability in Salesforce OmniStudio DataMapper, which allows the exposure of encrypted data. Recommendations:...
SIMPLE.ERP Security Vulnerability
SIMPLE.ERP is an e-commerce platform from SIMPLE, Inc. A security vulnerability exists in SIMPLE.ERP versions 6.20 through 6.30: an MS SQL protocol degradation request may result in unencrypted communication that is susceptible to data interception and modification...
SAP Adaptive Server Enterprise Information Disclosure Vulnerability (CNVD-2020-46790)
SAP Adaptive Server Enterprise ASE is a relational database server from SAP, Germany. An information disclosure vulnerability exists in SAP ASE version 16.0. An attacker could exploit the vulnerability to access encrypted sensitive information...
Dell EMC VxRail Incorrect Authentication Vulnerability
Dell EMC VxRail is a VMware hyperconverged infrastructure appliance from Dell USA. The product contains compute, storage, network, and virtualization resources, among others. A security vulnerability exists in Dell EMC VxRail versions 4.7.410 and 4.7.411. A remote attacker could exploit the...