Lucene search
K

1281 matches found

Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.18 views

PT-2026-45370

Name of the Vulnerable Software and Affected Versions Apache Airflow versions prior to 3.2.2 Description A bug in the Variable response masker allows the bypass of nested-key redaction when the nesting depth of a JSON value exceeds the recursion limit of the shared secrets masker. This occurs wit...

6.5CVSS6AI score0.00335EPSS
Exploits0References5
OSV
OSV
added 2026/05/28 5:52 p.m.19 views

GHSA-Q8CJ-789H-VG24 OpenBao's Inline Auth Incorrectly Redacted Headers

Impact OpenBao's inline auth functionality incorrectly redacted audit log entries, resulting in non-auth headers being removed and auth-related headers being retained in cleartext. This requires an attacker to compromise access to the audit device. Operators should review leaked source...

5.4CVSS5.8AI score0.00029EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2026/05/27 5:34 p.m.8 views

doc-redaction (>=2.2.0 <=2.3.0), f5-tts (=1.1.20) +8 more potentially affected by CVE-2026-48545 via gradio (>=6.0.0 <=6.11.0)

gradio PYPI version =6.0.0, =2.2.0, =2.1.1, =0.0.1, =1.14.0, =2.10.0 Source cves: CVE-2026-48545 Source advisory: SNYK:PYTHON-GRADIO-16960000...

7.6CVSS5.7AI score0.0035EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

This issue has been resolved through improved redaction of sensitive information. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2. A user’s password may be read aloud by VoiceOver...

7.5CVSS7.4AI score0.0095EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/19 7:28 p.m.21 views

Kong Ingress Controller for Kubernetes (KIC): Secret-backed plugin configurations leak through non-sensitive diagnostics endpoint

Summary A vulnerability in the Kong Ingress Controller KIC allows for the unauthorized exposure of sensitive plugin credentials through the diagnostics interface. Even when configured to redact sensitive information using --dump-sensitive-config=false, KIC fails to sanitize the Plugins field in...

5.8AI score
Exploits0References2Affected Software3
OSV
OSV
added 2026/05/19 3:40 p.m.7 views

GHSA-WG5X-3G47-V38R fabric-chaincode-java: TLS Private Key Password Disclosed in INFO Startup Logs in Chaincode-as-a-Service Mode

When chaincode is deployed in chaincode-as-a-service mode with TLS enabled, the chaincode server INFO level logging includes the TLS private key password in plaintext. An attacker with access to the chaincode server logs could recover the TLS private key password. If the attacker can also obtain...

5.5CVSS5.8AI score0.00106EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.17 views

PT-2026-41961

Name of the Vulnerable Software and Affected Versions fabric-chaincode-java versions 2.3.1 through 2.5.9 Description When chaincode is deployed in chaincode-as-a-service mode with TLS enabled, the chaincode server INFO level logging includes the TLS private key password in plaintext. An attacker...

5.5CVSS5.5AI score0.00106EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.13 views

PT-2026-42362

Summary A vulnerability in the Kong Ingress Controller KIC allows for the unauthorized exposure of sensitive plugin credentials through the diagnostics interface. Even when configured to redact sensitive information using --dump-sensitive-config=false, KIC fails to sanitize the Plugins field in...

4.9CVSS5.8AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/14 6:25 p.m.17 views

dbt MCP Server Transmits All MCP Tool Arguments Including Raw SQL and --vars Credentials to dbt Labs Telemetry by Default Without Redaction

Discovered through manual source code review. Verified by PoC execution against a local dbt-mcp v1.15.1 installation. Summary DefaultUsageTracker.emittoolcalledevent in src/dbtmcp/tracking/tracking.py serializes the complete arguments dictionary of every MCP tool call and transmits it verbatim to...

6AI score0.00042EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/14 6:24 p.m.14 views

dbt MCP Server Logs Tool Arguments Including SQL Queries and Credentials in Plaintext Without Redaction When File Logging Is Enabled

Discovered through manual source code review. Verified by PoC execution against a local dbt-mcp v1.15.1 installation. Summary DbtMCP.calltool in src/dbtmcp/mcp/server.py logs the complete raw arguments dictionary at INFO level on every tool invocation line 67 and again at ERROR level if the call...

6AI score0.00012EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.14 views

PT-2026-41149

Discovered through manual source code review. Verified by PoC execution against a local dbt-mcp v1.15.1 installation. Summary DbtMCP.call tool in src/dbt mcp/mcp/server.py logs the complete raw arguments dictionary at INFO level on every tool invocation line 67 and again at ERROR level if the cal...

2.5CVSS6AI score0.00012EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.24 views

PT-2026-40961

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager versions prior to 26.0.1 Description A flaw in the web UI of Cisco Catalyst SD-WAN Manager allows an authenticated remote attacker with read-only permissions to elevate their privileges to those of a high-privileg...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-8200

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not...

5.3CVSS5.8AI score0.00204EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/13 8:23 p.m.15 views

CVE-2026-28943

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to determine kernel memory layout...

7.5CVSS5.8AI score0.0044EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/13 8:21 a.m.16 views

CVE-2026-28923

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A malicious app may be able to break out of its sandbox...

8.8CVSS5.8AI score0.00154EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/05/13 8:1 a.m.12 views

jq: Embedded NUL in jq import paths causes local redaction-policy bypass and preserves sensitive fields in published artifacts

...

4.4CVSS5.8AI score0.00157EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2026/05/13 12:8 a.m.11 views

CVE-2026-8200 Schema validation log messages may not redact user data

When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not have all user data redacted. This issue impacts MongoDB Server v7.0 versions prior to 7.0.34, v8.0 versions prior to 8.0.23, v8.2 version...

4.8CVSS5.8AI score0.00204EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/13 12:8 a.m.62 views

CVE-2026-8200 Schema validation log messages may not redact user data

When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not have all user data redacted. This issue impacts MongoDB Server v7.0 versions prior to 7.0.34, v8.0 versions prior to 8.0.23, v8.2 version...

4.8CVSS0.00204EPSS
Exploits0References1
CVE
CVE
added 2026/05/13 12:8 a.m.44 views

CVE-2026-8200

The CVE-2026-8200 entry covers MongoDB Server: affected versions are v7.0 before 7.0.34, v8.0 before 8.0.23, v8.2 before 8.2.9, and v8.3 before 8.3.2. When schema validation is enabled and an update/insert would violate the schema, the generated local server log message may not redact all user da...

5.3CVSS5.8AI score0.00204EPSS
Exploits0References1Affected Software1
MongoDB
MongoDB
added 2026/05/13 12:8 a.m.18 views

Schema validation log messages may not redact user data

When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not have all user data redacted. This issue impacts MongoDB Server v7.0 versions prior to 7.0.34, v8.0 versions prior to 8.0.23, v8.2 version...

5.3CVSS5.8AI score0.00204EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder