CVE-2026-0024

The CVE-2026-0024 issue is in Android’s MediaProvider.java (isRedactionNeededForOpenViaContentResolver). A missing permission check could reveal the location of media, causing local information disclosure with no extra privileges and without user interaction. The connected sources (NVD, Red Hat, ...

EUVD-2026-9238

In isRedactionNeededForOpenViaContentResolver of MediaProvider.java, there is a possible way to reveal the location of media due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

Apache Solr can leak certain passwords due to System Property redaction logic inconsistencies

Insufficiently Protected Credentials vulnerability in Apache Solr. This issue affects Apache Solr from 6.0.0 through 8.11.2, from 9.0.0 before 9.3.0. One of the two endpoints that publishes the Solr process' Java system properties, /admin/info/properties, was only setup to hide system properties...

CVE-2023-50291 Apache Solr: System Property redaction logic inconsistency can lead to leaked passwords

Insufficiently Protected Credentials vulnerability in Apache Solr. This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.3.0. One of the two endpoints that publishes the Solr process' Java system properties, /admin/info/properties, was only setup to hide system properties...