Lucene search
K

94 matches found

NVD
NVD
added 5 days ago11 views

CVE-2026-56459

HCL DevOps Deploy / HCL Launch is susceptible to sensitive information disclosure. The application stores potentially sensitive information in log files that could be read by a local user...

6.2CVSS0.00141EPSS
Exploits0References1
NVD
NVD
added 5 days ago9 views

CVE-2026-56458

HCL DevOps Deploy uses Cross-Origin Resource Sharing CORS which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains...

7.5CVSS0.00248EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago36 views

CVE-2026-56460 HCL DevOps Deploy / HCL Launch is susceptible to an Insertion of Sensitive Information Into Sent Data vulnerability

HCL DevOps Deploy / HCL Launch could disclose sensitive configurations and secrets to authenticated users in API responses that could be used in further attacks against the system...

6.5CVSS0.00371EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-42552

HCL DevOps Deploy uses Cross-Origin Resource Sharing CORS which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains...

5.4CVSS5.9AI score0.00248EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-56458

HCL DevOps Deploy uses Cross-Origin Resource Sharing CORS which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains...

5.4CVSS5.9AI score0.00248EPSS
Exploits0References2
CVE
CVE
added 5 days ago12 views

CVE-2026-56459

CVE-2026-56459 affects HCL DevOps Deploy / HCL Launch. The issue: the application stores potentially sensitive information in log files, which could be read by a local user, enabling sensitive data disclosure. Details in the provided documents indicate a local-access exposure due to log handling,...

6.2CVSS5.9AI score0.00141EPSS
Exploits0References1Affected Software2
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-56459

HCL DevOps Deploy / HCL Launch is susceptible to sensitive information disclosure. The application stores potentially sensitive information in log files that could be read by a local user...

6.2CVSS5.9AI score0.00141EPSS
Exploits0References2
NVD
NVD
added 2026/06/29 2:16 p.m.12 views

CVE-2026-56457

HCL DevOps Deploy / HCL Launch is susceptible to an exposure of sensitive information vulnerability in output logs. This exposure could allow an attacker with access to the logs to potentially obtain sensitive values related to that step...

4.3CVSS0.0018EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/29 1:18 p.m.9 views

CVE-2026-56457

HCL DevOps Deploy / HCL Launch is susceptible to an exposure of sensitive information vulnerability in output logs. This exposure could allow an attacker with access to the logs to potentially obtain sensitive values related to that step...

4.3CVSS5.8AI score0.0018EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 9:15 a.m.6 views

CVE-2025-62327

In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able to recover a credential previously saved for performing authenticated LLM Queries...

4.9CVSS6.7AI score0.00222EPSS
Exploits0References1
NVD
NVD
added 2026/01/07 4:15 p.m.12 views

CVE-2025-62327

In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able to recover a credential previously saved for performing authenticated LLM Queries...

4.9CVSS0.00222EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/07 3:17 p.m.5 views

CVE-2025-62327 HCL DevOps Deploy is susceptible to insufficiently protected credentials

In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able to recover a credential previously saved for performing authenticated LLM Queries...

4.9CVSS6.3AI score0.00222EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/07 3:17 p.m.28 views

CVE-2025-62327 HCL DevOps Deploy is susceptible to insufficiently protected credentials

In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able to recover a credential previously saved for performing authenticated LLM Queries...

4.9CVSS0.00222EPSS
Exploits0References1
CVE
CVE
added 2026/01/07 3:17 p.m.12 views

CVE-2025-62327

The CVE-2025-62327 affects HCL DevOps Deploy versions 8.1.2.0 through 8.1.2.3. A user with LLM configuration privileges may recover credentials saved for performing authenticated LLM Queries, indicating improper access control around LLM credentials. Root cause described across sources is insuffi...

4.9CVSS6.3AI score0.00222EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.5 views

PT-2026-1838

Name of the Vulnerable Software and Affected Versions HCL DevOps Deploy versions 8.1.2.0 through 8.1.2.3 Description A user possessing LLM configuration privileges may be able to recover credentials previously saved for authenticated LLM Queries. Recommendations Update HCL DevOps Deploy to a...

4.9CVSS6.5AI score0.00222EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.12 views

HCL Launch和HCL DevOps Deploy 安全漏洞

HCL Launch and HCL DevOps Deploy are both products of HCL India.HCL Launch is a multi-functional, enterprise-grade continuous delivery automation software. Used to handle the most complex deployment processes in DevOps.HCL DevOps Deploy is an application. Can be mapped to your organizational...

4.8CVSS6.8AI score0.00166EPSS
Exploits0References1
NVD
NVD
added 2025/12/16 4:15 p.m.11 views

CVE-2025-62329

HCL DevOps Deploy / HCL Launch is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefly reused from a new IP address before it is invalidated. This could lead to unauthorized access under certain network conditions...

5.6CVSS0.0016EPSS
Exploits0References1
OSV
OSV
added 2025/12/16 4:15 p.m.5 views

CVE-2025-62329

HCL DevOps Deploy / HCL Launch is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefly reused from a new IP address before it is invalidated. This could lead to unauthorized access under certain network conditions...

5.6CVSS5.7AI score0.0016EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/16 3:11 p.m.27 views

CVE-2025-62329 HCL DevOps Deploy / HCL Launch is susceptible to an insufficient session expiration vulnerability

HCL DevOps Deploy / HCL Launch is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefly reused from a new IP address before it is invalidated. This could lead to unauthorized access under certain network conditions...

5CVSS0.0016EPSS
Exploits0References1
CVE
CVE
added 2025/12/16 3:11 p.m.15 views

CVE-2025-62329

HCL DevOps Deploy / HCL Launch are affected by a race condition in the HTTP session client-IP binding enforcement, which may allow a session to be briefly reused from a new IP address before invalidation. This could lead to unauthorized access under certain network conditions. Affected products a...

5.6CVSS6.2AI score0.0016EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder