CVE-2026-44516 Valtimo: Sensitive data exposure through HTTP request/response logging in LoggingRestClientCustomizer

Valtimo is an open-source business process automation platform. From 12.4.0 to 12.33.0 and 13.26.0, the LoggingRestClientCustomizer in the web module automatically intercepts all outgoing HTTP calls made via Spring's RestClient and logs the full request body, response body, and response headers...

CVE-2026-44516

Valtimo (versions 12.4.0–12.33.0 and 13.26.0) contains a vulnerability in the web module where the LoggingRestClientCustomizer intercepts outgoing HTTP calls via Spring RestClient and logs full request/response bodies and headers. When errors occur, this data can appear in HttpClientErrorExceptio...

CVE-2025-62305 HCL AION is affected by a vulnerability where certain operations may trigger out-of-band interactions

HCL AION is affected by a vulnerability where certain operations may trigger out-of-band interactions, potentially resulting in unintended disclosure of sensitive information. Such behaviour may allow exposure of data to external systems under specific conditions...

EUVD-2025-209848

HCL AION is affected by a vulnerability where certain operations may trigger out-of-band interactions, potentially resulting in unintended disclosure of sensitive information. Such behaviour may allow exposure of data to external systems under specific conditions...

CVE-2025-62317

HCL AION is affected by a vulnerability where sensitive information may be included in URL parameters, potentially exposing data through browser history, logs, or intermediary systems. The connected documents confirm the issue but do not provide a remediation or detailed exploit information. CVSS...

CVE-2025-62317

HCL AION is affected by a vulnerability where sensitive information may be included in URL parameters. Passing sensitive data in URLs may expose it through browser history, logs, or intermediary systems, potentially leading to unintended information disclosure under certain conditions...

CVE-2025-62317 HCL AION is affected by a vulnerability where sensitive information may be included in URL parameters.

HCL AION is affected by a vulnerability where sensitive information may be included in URL parameters. Passing sensitive data in URLs may expose it through browser history, logs, or intermediary systems, potentially leading to unintended information disclosure under certain conditions...

CVE-2025-62317 HCL AION is affected by a vulnerability where sensitive information may be included in URL parameters.

HCL AION is affected by a vulnerability where sensitive information may be included in URL parameters. Passing sensitive data in URLs may expose it through browser history, logs, or intermediary systems, potentially leading to unintended information disclosure under certain conditions...

EUVD-2025-209857

HCL AION is affected by a vulnerability where sensitive information may be included in URL parameters. Passing sensitive data in URLs may expose it through browser history, logs, or intermediary systems, potentially leading to unintended information disclosure under certain conditions...

CVE-2025-62308 HCL AION is affected by a vulnerability where sensitive backend infrastructure details may be exposed

HCL AION is affected by a vulnerability where sensitive backend infrastructure details may be exposed. Exposure of such information could reveal internal system architecture or configuration details, which may potentially assist in further analysis or targeted actions under certain conditions...

EUVD-2025-209850

HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields. This may allow sensitive information to be stored in the browser, potentially leading to unintended exposure under specific conditions...

CVE-2025-62309 HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields.

HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields. This may allow sensitive information to be stored in the browser, potentially leading to unintended exposure under specific conditions...

CVE-2025-62309 HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields.

HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields. This may allow sensitive information to be stored in the browser, potentially leading to unintended exposure under specific conditions...

CVE-2025-62309

Technical details about CVE-2025-62309 are not publicly available in the provided documents. Monitor for updates.

CVE-2026-20210

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to modify configurations and perform unauthorized actions on an affected system. This vulnerability exists because of a failure to reda...

EUVD-2026-30326

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to modify configurations and perform unauthorized actions on an affected system. This vulnerability exists because of a failure to reda...

CVE-2026-20210 Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to modify configurations and perform unauthorized actions on an affected system. This vulnerability exists because of a failure to reda...

CVE-2025-62311 HCL AION is affected by a vulnerability where backend service details may be transmitted over insecure HTTP channels.

HCL AION is affected by a vulnerability where backend service details may be transmitted over insecure HTTP channels. This may expose sensitive information to potential interception or unauthorized access during transmission under certain conditions...

CVE-2025-62311

HCL AION is affected by a vulnerability where backend service details may be transmitted over insecure HTTP channels. This may expose sensitive information to potential interception or unauthorized access during transmission under certain conditions...

CVE-2025-62311 HCL AION is affected by a vulnerability where backend service details may be transmitted over insecure HTTP channels.

HCL AION is affected by a vulnerability where backend service details may be transmitted over insecure HTTP channels. This may expose sensitive information to potential interception or unauthorized access during transmission under certain conditions...