PT-2026-39895

Name of the Vulnerable Software and Affected Versions Valtimo versions 12.4.0 through 12.32.0 Valtimo versions 13.0.0 through 13.25.0 Description The LoggingRestClientCustomizer in the web module automatically intercepts all outgoing HTTP calls made via Spring's RestClient and logs the full reque...

oxia 日志信息泄露漏洞

Oxia is a distributed metadata storage and coordination system developed by Oxia. Versions of Oxia prior to 0.16.2 had a vulnerability related to log information leakage. This vulnerability occurred when OIDC authentication failed, resulting in the complete bearer token being recorded in plain te...

PT-2026-25091

OneUptime is a solution for monitoring and managing online services. Prior to 10.0.24, the password reset flow logs the complete password reset URL — containing the plaintext reset token — at INFO log level, which is enabled by default in production. Anyone with access to application logs log...

Verizon Wireless Internal Credentials, Infrastructure Details Exposed in Amazon S3 Bucket

Organizations continue to leak data through publicly accessible Amazon S3 buckets, pointing a harsh finger at continued lax attitudes toward the custodianship of sensitive data. Verizon is the latest business affected by this epidemic, leaking in this case files marked confidential from an intern...