WordPress Simply Schedule Appointments plugin < 1.6.11.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Jakub Herman in WordPress Plugin Simply Schedule Appointments versions 1.6.11.2...

USN-8208-1 haproxy vulnerability

Martino Spagnuolo discovered that HAProxy did not check received body lengths in the HTTP/3 parser. A remote attacker could possibly use this issue to perform a request smuggling attack and obtain sensitive information...

CVE-2026-42379

Insertion of Sensitive Information Into Sent Data vulnerability in WPDeveloper Templately allows Retrieve Embedded Sensitive Data.This issue affects Templately: from n/a through 3.6.1...

CVE-2026-42379

Insertion of Sensitive Information Into Sent Data vulnerability in WPDeveloper Templately allows Retrieve Embedded Sensitive Data.This issue affects Templately: from n/a through 3.6.1...

CVE-2026-42379 WordPress Templately plugin <= 3.6.1 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in WPDeveloper Templately allows Retrieve Embedded Sensitive Data.This issue affects Templately: from n/a through 3.6.1...

CVE-2026-42379

CVE-2026-42379 affects the WordPress WPDeveloper Templately plugin

EUVD-2026-25797

Insertion of Sensitive Information Into Sent Data vulnerability in WPDeveloper Templately allows Retrieve Embedded Sensitive Data.This issue affects Templately: from n/a through 3.6.1...

CVE-2026-42379 WordPress Templately plugin <= 3.6.1 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in WPDeveloper Templately allows Retrieve Embedded Sensitive Data.This issue affects Templately: from n/a through 3.6.1...

WordPress Templately plugin <= 3.6.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Templately versions = 3.6.1...

CVE-2026-22077 Sensitive Information Disclosure Vulnerability Caused by Trusted Domain Bypass in OPPO Wallet

OPPO Wallet APP contains a trusted domain validation flaw that allows attackers to bypass protected interface access restrictions, which may lead to account token hijacking and sensitive information disclosure...

CVE-2026-22077

CVE-2026-22077 affects OPPO Wallet. A trusted-domain validation flaw enables bypass of protected interface access, which can lead to account token hijacking and sensitive information disclosure. The CVSS 4.0 vector indicates local attack vector, high confidentiality impact, and no user interactio...

CVE-2026-22077 Sensitive Information Disclosure Vulnerability Caused by Trusted Domain Bypass in OPPO Wallet

OPPO Wallet APP contains a trusted domain validation flaw that allows attackers to bypass protected interface access restrictions, which may lead to account token hijacking and sensitive information disclosure...

PT-2026-35374

Insertion of Sensitive Information Into Sent Data vulnerability in WPDeveloper Templately allows Retrieve Embedded Sensitive Data.This issue affects Templately: from n/a through 3.6.1...

WordPress plugin Templately 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. There is a...

Insertion of Sensitive Information into Log File

Overview n8n-mcp is an Integration between n8n workflow automation and Model Context Protocol MCP Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the request dispatcher and related logging. An attacker can obtain sensitive information, such...

n8n-MCP: Sensitive MCP tool-call arguments logged on authenticated requests in HTTP mode

Impact When n8n-mcp runs in HTTP transport mode, authenticated MCP tools/call requests had their full arguments and JSON-RPC params written to server logs by the request dispatcher and several sibling code paths before any redaction. When a tool call carries credential material — most notably...

CVE-2026-40895

A flaw was found in follow-redirects. When an HTTP request follows a cross-domain redirect a redirection to a different domain, custom authentication headers, such as X-API-Key or X-Auth-Token, are not properly stripped. This allows these sensitive headers to be forwarded verbatim to the redirect...

CVE-2026-21515

Exposure of sensitive information to an unauthorized actor in Azure IOT Central allows an authorized attacker to elevate privileges over a network...

EUVD-2026-25416

Exposure of sensitive information to an unauthorized actor in Azure IOT Central allows an authorized attacker to elevate privileges over a network...

CVE-2026-21515

Exposure of sensitive information to an unauthorized actor in Azure IOT Central allows an authorized attacker to elevate privileges over a network...