CVE-2026-27900 Terraform Provider Debug Logs Vulnerable to Sensitive Information Exposure

The Terraform Provider for Linode versions prior to v3.9.0 logged sensitive information including some passwords, StackScript content, and object storage data in debug logs without redaction. Provider debug logging is not enabled by default. This issue is exposed when debug/provider logs are...

CVE-2026-1234

A security issue was identified in the Llama Stack server when PGVector is used as a vector store provider. During initialization, the server logs print the PGVector database password in clear text. This occurs due to insufficient redaction of sensitive configuration fields. As a result, anyone...

PT-2022-7096 · Pcvue · Pcvue

Name of the Vulnerable Software and Affected Versions: PcVue versions 15 through 15.2.2 Description: An issue exists where sensitive information is inserted into log files, potentially allowing users with access to these logs to discover connection strings of data sources configured for the...

ovirt-engine: DEBUG logging includes unmasked passwords

ovirt-engine before version 4.1.7.6 with log level set to DEBUG includes passwords in the log file without masking. Only administrators can change the log level and only administrators can access the logs. This presents a risk when debug-level logs are shared with vendors or other parties to...