CWE-532— Insertion of Sensitive Information into Log File
The product writes sensitive information to a log file.— MITRE CWE catalog
1,106 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-532page 22 of 23
- CVE-2026-28923HIGHCVSS 8.8EG 8.82026-05-11
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A malicious app may be able to break out of its sandbox.
- CVE-2026-28943HIGHCVSS 7.5EG 7.52026-05-11
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be …
- CVE-2026-28987HIGHCVSS 7.5EG 7.52026-05-11
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be …
- CVE-2026-31987HIGHCVSS 7.5EG 7.52026-04-16
JWT Tokens used by tasks were exposed in logs. This could allow UI users to act as Dag Authors. Users are advised to upgrade to Airflow version that contains fix. Users are recommended to upgrade to version 3.2.0, which fixes this issue.
- CVE-2026-32215MEDIUMCVSS 5.5EG 5.52026-04-14
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.
- CVE-2026-32217MEDIUMCVSS 5.5EG 5.52026-04-14
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.
- CVE-2026-32218MEDIUMCVSS 5.5EG 5.52026-04-14
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.
- CVE-2026-32982HIGHCVSS 7.5EG 7.52026-03-31
OpenClaw before 2026.3.13 contains an information disclosure vulnerability in the fetchRemoteMedia function that exposes Telegram bot tokens in error messages. When media downloads fail, the original Telegram file URLs containing bot token…
- CVE-2026-32996HIGHCVSS 7.3EG 7.32026-05-28
This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation.
- CVE-2026-34164MEDIUMCVSS 4.9EG 4.92026-04-16
Valtimo is an open-source business process automation platform. In versions 13.0.0 through 13.21.0, the InboxHandlingService logs the full content of every incoming inbox message at INFO level. Inbox messages can contain highly sensitive i…
- CVE-2026-34487HIGHCVSS 7.5EG 7.52026-04-09
Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat exposed the Kubernetes bearer token. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.20, from 1…
- CVE-2026-35185HIGHCVSS 7.5EG 7.52026-04-06
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to 25.0.0, the /server-status endpoint is publicly accessible and exposes sensitive information including authentication tokens (user_token), user activity, client …
- CVE-2026-40091MEDIUMCVSS 6.0EG 6.02026-04-15
SpiceDB is an open source database system for creating and managing security-critical application permissions. In versions 1.49.0 through 1.51.0, when SpiceDB starts with log level info, the startup "configuration" log will include the ful…
- CVE-2026-40619HIGHCVSS 7.8EG 7.82026-06-02
A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main server to access the Server Admin credentials. A third party hired by Ge…
- CVE-2026-40945HIGHCVSS 8.7EG 8.72026-04-21
Oxia is a metadata store and coordination system. Prior to 0.16.2, when OIDC authentication fails, the full bearer token is logged at DEBUG level in plaintext. If debug logging is enabled in production, JWT tokens are exposed in applicatio…
- CVE-2026-41004MEDIUMCVSS 4.4EG 4.42026-05-07
When enabling trace logging in Spring Cloud Config Server sensitive information was placed in plain text in the logs. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 (inclusive); upgrade to 3.1.14 or greater (Enterprise Suppo…
- CVE-2026-41018MEDIUMCVSS 6.5EG 6.52026-05-11
The Elasticsearch logging provider, when configured with a `host` URL that embeds credentials (for example `https://user:[email protected]:9200`), wrote the full host URL — including the embedded credentials — into task logs.…
- CVE-2026-41182MEDIUMCVSS 5.3EG 5.32026-04-23
LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to version 0.5.19 of the JavaScript SDK and version 0.7.31 of the Python SDK, the LangSmith SDK's output redaction controls (hideOutputs in JS, hide_out…
- CVE-2026-41184MEDIUMCVSS 6.5EG 6.52026-05-28
In Calico, the install-cni init container logs the rendered CNI configuration to standard output. When the configuration template uses the __SERVICEACCOUNT_TOKEN__ placeholder (Canal/Flannel-Calico deployments), the installer substitutes t…
- CVE-2026-41185MEDIUMCVSS 6.5EG 6.52026-05-28
When Calico is configured with the Azure IPAM plugin, the Calico CNI binary mutates the incoming CNI configuration to attach subnet information before delegating to the IPAM plugin. After mutating, the Azure IPAM helper logs the entire unm…
- CVE-2026-41219MEDIUMCVSS 6.5EG 6.52026-05-13
An improper sanitization vulnerability exists in the BIG-IP QKView utility that allows a low-privileged attacker to read sensitive information from a QKView file. Note: Software versions which have reached End of Technical Support (Eo…
- CVE-2026-41495MEDIUMCVSS 5.3EG 5.32026-05-08
n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to version 2.47.11, when n8n-mcp runs in HTTP transport mode, incoming requests to the POST /mcp endpoint had their re…
- CVE-2026-42282MEDIUMCVSS 4.3EG 4.32026-05-08
n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to version 2.47.13, when n8n-mcp runs in HTTP transport mode, authenticated MCP tools/call requests had their full arg…
- CVE-2026-43826MEDIUMCVSS 6.5EG 6.52026-05-11
The OpenSearch logging provider, when configured with a `host` URL that embeds credentials (for example `https://user:[email protected]:9200`), wrote the full host URL — including the embedded credentials — into task logs. An…
- CVE-2026-43992CRITICALCVSS 9.8EG 9.82026-05-12
JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, every MCP write tool (send_tokens, execute_contract, instantiate_contract, upload_wasm, ibc_transfer, etc.) accepted 'mnemonic: string' as an explicit too…
- CVE-2026-44052HIGHCVSS 7.5EG 7.52026-05-21
Netatalk 2.1.0 through 4.4.2 inserts LDAP simple-bind passwords into log output in cleartext, which allows an attacker with access to the log files to obtain LDAP credentials.
- CVE-2026-44479MEDIUMCVSS 5.5EG 5.52026-05-13
Vercel’s AI Cloud is a unified platform for building modern applications. From 50.16.0 to 52.0.0, hen the Vercel CLI runs in non-interactive mode (--non-interactive or auto-detected AI agent), commands that cannot complete autonomously …
- CVE-2026-44516HIGHCVSS 7.6EG 7.62026-05-14
Valtimo is an open-source business process automation platform. From 12.4.0 to 12.33.0 and 13.26.0, the LoggingRestClientCustomizer in the web module automatically intercepts all outgoing HTTP calls made via Spring's RestClient and logs th…
- CVE-2026-45040MEDIUMCVSS 5.3EG 5.32026-05-28
RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, RustFS suffers from sensitive information leakage in log outputs. When the server is run with RUST_LOG=debug sensitive credentials including SessionToken (…
- CVE-2026-45581MEDIUMCVSS 5.5EG 5.52026-05-19
fabric-chaincode-java is a Java based implementation of Hyperledger Fabric chaincode shim APIs. From version 2.3.1 to before version 2.5.10, when chaincode is deployed in chaincode-as-a-service mode with TLS enabled, the chaincode server I…
- CVE-2026-45679MEDIUMCVSS 6.5EG 6.52026-05-18
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI exports raw Redis error text as the span status message. Because Redis error replies can contain attacker-con…
- CVE-2026-46467MEDIUMCVSS 5.8EG 5.82026-07-03
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an insertion of se…
- CVE-2026-4788HIGHCVSS 8.4EG 8.42026-04-08
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.37 stores sensitive information in log files that could be read by a local user.
- CVE-2026-4901MEDIUMCVSS 6.5EG 6.52026-04-09
Hydrosystem Control System saves sensitive information into a log file. Critically, user credentials are logged allowing the attacker to obtain further authorized access into the system. Combined with vulnerability CVE-2026-34184, these se…
- CVE-2026-49088MEDIUMCVSS 4.4EG 4.42026-07-01
Insertion of Sensitive Information into Log File (CWE-532) in Kibana can lead to information disclosure. When the optional application performance monitoring (APM) instrumentation is enabled, sensitive request header values could be record…
- CVE-2026-49200CRITICALCVSS 9.8EG 9.82026-05-29
The acer_cgi.log file in the device firmware is accessible without authentication via the web interface. This file contains cleartext login credentials (for web and Telnet), leading to unauthorized system access.
- CVE-2026-4957LOWCVSS 2.7EG 2.72026-03-27
A flaw has been found in OpenBMB XAgent 1.0.0. The impacted element is the function FunctionHandler.handle_tool_call of the file XAgent/function_handler.py of the component API Key Handler. This manipulation of the argument api_key causes …
- CVE-2026-50205HIGHCVSS 8.2EG 8.22026-06-04
System log files output unencrypted SMTP server authentication passwords alongside sensitive employee corporate identification data.
- CVE-2026-54236MEDIUMCVSS 5.3EG 5.32026-06-17
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, the fix for CVE-2026-22778, which introduced a sanitize_message helper that strips object-repr memory addresses from error messages before they r…
- CVE-2026-54652HIGHCVSS 8.1EG 8.12026-07-08
Frigate is an open source network video recorder. In version 0.17.1, the GET /api/logs/{service} endpoint allows any authenticated user including the viewer role to download Frigate and nginx logs, exposing auto-generated admin passwords a…
- CVE-2026-54704MEDIUMCVSS 6.5EG 6.52026-07-01
OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In versions prior to 2.28.0, the JDBC auto-instrumentation may fail to sanitize passwords in SQL CONNECT statements when…
- CVE-2026-54711LOWCVSS 0.0EG 0.02026-06-18
PGHoard: Password written to debug log ### Impact When using .pgpass, database connection information including the username and password will be logged at the debug level. ### Patches Upgrade to version 2.7.1 or greater. ### Workaround…
- CVE-2026-5515MEDIUMCVSS 5.5EG 5.52026-05-27
IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentially sensitive information in log files that could be read by a local user.
- CVE-2026-56457MEDIUMCVSS 4.3EG 4.32026-06-29
HCL DevOps Deploy / HCL Launch is susceptible to an exposure of sensitive information vulnerability in output logs. This exposure could allow an attacker with access to the logs to potentially obtain sensitive values related to that step.
- CVE-2026-56459MEDIUMCVSS 5.5EG 6.22026-07-09
HCL DevOps Deploy / HCL Launch is susceptible to sensitive information disclosure. The application stores potentially sensitive information in log files that could be read by a local user.
- CVE-2026-59947MEDIUMCVSS 4.7EG 4.72026-07-08
Composer is a dependency Manager for the PHP language. Prior to 2.2.29 and 2.10.2, when Composer is run with -vvv debug verbosity, it could print a credential embedded in the username slot of a repository or package URL, such as a GitHub P…
- CVE-2026-6720HIGHCVSS 7.2EG 7.22026-05-28
When calicoctl is invoked with --log-level=info or --log-level=debug, the client prints the full contents of its loaded connection-configuration struct to stderr in a single log line. The struct embeds every credential calicoctl uses to ta…
- CVE-2026-7824MEDIUMCVSS 5.9EG 5.92026-05-05
An issue was discovered in the PaperCut Hive Ricoh embedded application. When the "Deep Logging" (diagnostic) mode is enabled, the application inadvertently records administrative credentials in plain text within the log files. An attac…
- CVE-2026-8200LOWCVSS 2.7EG 2.72026-05-13
When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not have all user data redacted. This issue impacts MongoDB Server v7.0 version…
- CVE-2026-8330MEDIUMCVSS 4.4EG 4.42026-06-25
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed sensitive information to be written to application l…
Map vulnerabilities like CWE-532 to your infrastructure
EchelonGraph correlates every CVE — across CWE-532 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →