62 matches found
CVE-2026-48828
The CVE-2026-48828 issue affects Apache Airflow’s Bulk Variables API: the redactor was invoked without passing the variable key, so the key-based should_hide_value_for_key check (triggered by secret-suffixed keys like *_password, *_token, *_secret) could not redact JSON-typed variable values. An ...
jenkins -- multiple vulnerabilities
Jenkins Security Advisory 2026-06-10: SECURITY-3707 / CVE-2026-53435: Deserialization vulnerability High SECURITY-3711+3755 / CVE-2026-53436, CVE-2026-53437: Open redirect vulnerability Medium SECURITY-3712 / CVE-2026-53438: Missing permission check allows canceling queue items Medium SECURITY-37...
CVE-2026-44653
LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.8.3, users with only VIEW access to an MCP server can retrieve the server's decrypted admin-managed secrets through GET /api/mcp/servers and GET /api/mcp/servers/:serverName. The returned...
CVE-2026-44653
LibreChat contains a vulnerability in versions up to 0.8.3 where users with only VIEW access to an MCP server can retrieve decrypted admin secrets via GET /api/mcp/servers and GET /api/mcp/servers/:serverName. The API returns plaintext values for apiKey.key and oauth.client_secret, enabling viewe...
EUVD-2026-34047
LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.8.3, users with only VIEW access to an MCP server can retrieve the server's decrypted admin-managed secrets through GET /api/mcp/servers and GET /api/mcp/servers/:serverName. The returned...
Insertion of Sensitive Information Into Sent Data
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the handling of rendered template fields when the length exceeds the configured maximum, causing nested sensitive keys within JSON structures to be stringified before redaction and...
Insertion of Sensitive Information Into Sent Data
Overview apache-airflow-task-sdk is a The Apache Airflow Task SDK includes interfaces for Dag authors and Task execution logic for Python. Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the handling of rendered template fields when the...
CVE-2026-42358
Summary (CVE-2026-42358): In Apache Airflow, the Variable response masker can bypass nested-key redaction when JSON values are deeply nested. Keys ending with secret-like suffixes (password, token, secret, api_key) could have their plaintext values exposed if nesting depth exceeds the masker's re...
PT-2026-42362
Summary A vulnerability in the Kong Ingress Controller KIC allows for the unauthorized exposure of sensitive plugin credentials through the diagnostics interface. Even when configured to redact sensitive information using --dump-sensitive-config=false, KIC fails to sanitize the Plugins field in...
CVE-2026-42880 ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. From versions 3.2.0 to before 3.2.11 and 3.3.0 to before 3.3.9, there is a missing authorization and data-masking gap in Argo CD's ServerSideDiff endpoint that allows an attacker with read-only access to extract plaintext...
CVE-2026-33722
n8n is an open source workflow automation platform. Prior to versions 2.6.4 and 1.123.23, an authenticated user without permission to list external secrets could reference a secret by the external name in a credential and retrieve its plaintext value when saving the credential. This bypassed the...
EUVD-2026-15953
n8n Has External Secrets Authorization Bypass in Credential Saving...
n8n Has External Secrets Authorization Bypass in Credential Saving
Impact An authenticated user without permission to list external secrets could reference a secret by the external name in a credential and retrieve its plaintext value when saving the credential. This bypassed the externalSecret:list permission check and allowed access to secrets stored in...
Incorrect Authorization
Overview n8n is a n8n Workflow Automation Tool Affected versions of this package are vulnerable to Incorrect Authorization when saving credentials. An authenticated user can access plaintext values of secrets stored in external vaults by referencing a secret's external name in a credential,...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization when saving credentials. An authenticated user can access plaintext values of secrets stored in external vaults by referencing a secret's external name in a credential, bypassing intended permission checks. Note:...
GHSA-FXCW-H3QJ-8M8P n8n Has External Secrets Authorization Bypass in Credential Saving
Impact An authenticated user without permission to list external secrets could reference a secret by the external name in a credential and retrieve its plaintext value when saving the credential. This bypassed the externalSecret:list permission check and allowed access to secrets stored in...
GHSA-M63J-689W-3J35 n8n is Vulnerable to Credential Theft via Name-Based Resolution and Permission Checker Bypass in Community Edition
Impact An authenticated user with the global:member role could exploit chained authorization flaws in n8n's credential pipeline to steal plaintext secrets from generic HTTP credentials httpBasicAuth, httpHeaderAuth, httpQueryAuth belonging to other users on the same instance. The attack abuses a...
CVE-2026-33722 n8n Has External Secrets Authorization Bypass in Credential Saving
n8n is an open source workflow automation platform. Prior to versions 2.6.4 and 1.123.23, an authenticated user without permission to list external secrets could reference a secret by the external name in a credential and retrieve its plaintext value when saving the credential. This bypassed the...
CVE-2026-33722
n8n is an open source workflow automation platform. Prior to versions 2.6.4 and 1.123.23, an authenticated user without permission to list external secrets could reference a secret by the external name in a credential and retrieve its plaintext value when saving the credential. This bypassed the...
CVE-2026-32890
Anchorr is a Discord bot for requesting movies and TV shows and receiving notifications when items are added to a media server. In versions 1.4.1 and below, a stored Cross-site Scripting XSS vulnerability in the web dashboard's User Mapping dropdown allows any unprivileged Discord user in the...