Search Vulnerabilities

Community.general: community.general nexmo — api credentials exposed in get url query string[security] community.general nexmo — api credentials ex...

Community.general: community.general keyring_info — os keyring passphrase returned in plaintext

Foreman-mcp-server: mcp server: insecure sensitive http header sanitization

vLLM: incomplete CVE-2026-22778 fix leaks PIL repr addresses via Anthropic router

GlobalProtect App: Information Exposure Vulnerability on macOS

Keyfile contents are in MongoDB Server logs

Sensitive data could be written to mongod.log

fabric-chaincode-java: TLS Private Key Password Disclosed in INFO Startup Logs in Chaincode-as-a-Service Mode

Plaintext Log Credential Leakage

OpenTelemetry eBPF Instrumentation: Redis error text is exported in span status messages

A high security vulnerability affecting Security Center main server installations has been identified

Acer Wave 7 router: Broken Access Control

RustFS: Sensitive Information Leakage (SessionToken and SecretAccessKey) in RustFS Logs [Debug Mode]

ServiceAccount token disclosure via Azure IPAM CNI plugin logs

Calicoctl leaks cluster credentials to stderr when verbose logging is enabled

ServiceAccount token disclosure via install-cni container logs

This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation

Multiple vulnerabilities in IBM MQ Operator and Queue manager container images

IBM® Db2® is vulnerable to credential exposure in db2diag when executing specific testcase buckets

Insertion of Sensitive Information into Log File (CWE-532) in some Command Centre Service installers could lead to Service Account credentials expo...