CWE-532— Insertion of Sensitive Information into Log File
The product writes sensitive information to a log file.— MITRE CWE catalog
1,106 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-532page 23 of 23
- CVE-2026-8482MEDIUMCVSS 4.3EG 4.32026-07-02
A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 (included), 4.8.0 to 4.8.15 (included) , 5.0.0 to 5.0.5 (included) There is a possible leak of secret information if administration commands have been passed w…
- CVE-2026-8671HIGHCVSS 7.5EG 7.52026-05-26
Insertion of sensitive information into log file vulnerability in syslink software AG Avantra on Linux, Windows allows Resource Leak Exposure. This issue affects Avantra: before 25.3.0.
- CVE-2026-9073MEDIUMCVSS 6.2EG 6.22026-06-23
A flaw was found in foreman-mcp-server. This component utilizes two distinct logging mechanisms that can expose sensitive session and authentication data. One mechanism logs session identifiers, which are treated as authentication credenti…
- CVE-2026-9699MEDIUMCVSS 6.8EG 6.82026-06-26
Mattermost Plugins versions <=11.6 10.18.11 11.3.6 11.6.5.0 fail to sanitize error responses from the OpenAI API before logging, which allows a user with access to server logs or support packets to obtain a valid or partially reconstructab…
- CVE-2026-9735MEDIUMCVSS 5.5EG 5.52026-06-09
MongoDB server may log authentication parameters, including credentials, to the server log during SASL authentication. When connection health metric logging is enabled, the full authentication parameters are written to the log without reda…
- CVE-2026-9751MEDIUMCVSS 5.5EG 5.52026-06-09
The ldapQueryPassword parameter, when set through the runtime setParameter command, will log the new password to the mongod.log file in plain text.
Map vulnerabilities like CWE-532 to your infrastructure
EchelonGraph correlates every CVE — across CWE-532 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →