GHSA-CVH3-23VQ-W7H4 Statamic's Markdown preview endpoint exposes sensitive user data

Impact The markdown preview endpoint could be manipulated to return augmented data from arbitrary fieldtypes. With the users fieldtype specifically, an authenticated control panel user could retrieve sensitive user data including email addresses, encrypted passkey data, and encrypted two-factor...

CVE-2025-31514

An Insertion of Sensitive Information into Log File vulnerability CWE-532 in FortiOS 7.6.0 through 7.6.3, 7.4 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an attacker with at least read-only privileges to retrieve sensitive 2FA-related information via observing log...

CVE-2025-31514

An Insertion of Sensitive Information into Log File vulnerability CWE-532 in FortiOS 7.6.0 through 7.6.3, 7.4 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an attacker with at least read-only privileges to retrieve sensitive 2FA-related information via observing log...

CVE-2025-31514

An Insertion of Sensitive Information into Log File vulnerability CWE-532 in FortiOS 7.6.0 through 7.6.3, 7.4 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an attacker with at least read-only privileges to retrieve sensitive 2FA-related information via observing log...

CVE-2025-31514

An Insertion of Sensitive Information into Log File vulnerability CWE-532 in FortiOS 7.6.0 through 7.6.3, 7.4 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an attacker with at least read-only privileges to retrieve sensitive 2FA-related information via observing log...

CVE-2025-31514

FortiOS contains an information-disclosure flaw (CWE-532) that allows a privileged attacker with at least read-only access to retrieve sensitive 2FA-related data by reading logs or using the diagnose command. Affected products and versions include FortiOS 7.6.0–7.6.3, and all versions of 7.4, 7.2...

PT-2025-41952

Name of the Vulnerable Software and Affected Versions FortiOS versions 6.4 through 7.0, 7.2, 7.4, and 7.6.0 through 7.6.3 Description An issue exists where sensitive two-factor authentication 2FA related information may be exposed. An attacker with read-only privileges could potentially retrieve...

Fortinet FortiOS 日志信息泄露漏洞

Fortinet FortiOS is a set of security operating systems dedicated to the FortiGate network security platform from the U.S. company Fiat Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A log information...

Fortinet Fortigate Insertion of Sensitive 2FA Information in logs and debug command (FG-IR-24-452)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-452 advisory. - An Insertion of Sensitive Information into Log File vulnerability CWE-532 in FortiOS may allow an attacker with at least...