PT-2026-41661

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13, 11.4.x = 11.4.3 fail to sanitize sensitive configuration fields in the Mattermost Calls plugin which allows an attacker with access to a support packet to obtain TURN server credentials via the plaintext values present in the exported plugi...

CVE-2026-41385

OpenClaw before 2026.3.31 stores Nostr privateKey as plaintext in configuration, allowing exposure through config.get method calls that bypass redaction mechanisms. Attackers can retrieve unredacted configuration data to obtain plaintext signing keys used for Nostr protocol operations...

CVE-2025-60858

Reolink Video Doorbell Wi-Fi DB566128M5MPW stores and transmits DDNS credentials in plaintext within its configuration and update scripts, allowing attackers to intercept or extract sensitive information...

D-Link DSR-150 安全漏洞

D-Link DSR-150 is a Unified Services Router from China AUO D-Link. A security vulnerability exists in the D-Link DSR-150 v1.09B32WWW, which stems from an unauthenticated local file inclusion vulnerability that could allow a remote attacker to gain access to sensitive configuration files in...

BIT-NIFI-2020-9486

In Apache NiFi 1.10.0 to 1.11.4, the NiFi stateless execution engine produced log output which included sensitive property values. When a flow was triggered, the flow definition configuration JSON was printed, potentially containing sensitive values in plaintext...

CVE-2024-10973

Keycloak vulnerability CVE-2024-10973: the KC_CACHE_EMBEDDED_MTLS_ENABLED environment option does not work and JGroups replication is used in plain text, allowing an attacker on adjacent networks to read sensitive information. The issue affects Keycloak deployments relying on this configuration; ...

CVE-2023-27370

NETGEAR RAX30 Device Configuration Cleartext Storage Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR RAX30 routers. Although authentication is required to exploit this vulnerability,...

Information Disclosure

Dapr dashboard is vulnerable to information disclosure. The vulnerability is due to the dashboard's access control not being properly configured, resulting in an attacker gaining access to obtain sensitive plaintext configuration of redis, mongodb, rabbitmq and other applications on the cloud...

Cisco Firepower Management Center 安全漏洞

Cisco Firepower Management Center FMC is the next generation firewall management center software from Cisco. Cisco Firepower Management Center has security vulnerabilities that stem from improper encryption of sensitive information stored in the GUI configuration manager. An attacker could exploi...

CVE-2019-3606

Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee Network Security Management NSM 9.1 9.1.7.75 Update 4 and 9.2 9.2.7.31 Update2 allows administrators to view configuration information in plain text format via the GUI or GUI terminal commands...

McAfee VirusScan Enterprise Elevation of Privilege Vulnerability

McAfee VirusScan Enterprise VSE is a suite of antivirus software from the American company McAfee. The software provides a full range of security protection, scanning memory for malicious code and optimizing updates for remote systems, etc. Microsoft Windows client is one of its clients based on...

Thermo Fisher Scientific dataTaker DT8x dEX Information Disclosure Vulnerability

The Thermo Fisher Scientific dataTaker DT8x dEX is a data acquisition recorder from Thermo Fisher Scientific Australia. A security vulnerability exists in Thermo Fisher Scientific dataTaker DT8x dEX version 1.72.007. A remote attacker can exploit this vulnerability to obtain plaintext configurati...

racoon security association deletion vulnerability

A remote attacker may use specially crafted IKE/ISAKMP messages to cause racoon to delete security associations. This could result in denial-of-service or possibly cause sensitive traffic to be transmitted in plaintext, depending upon configuration...