CVE-2026-0936
MEDIUMSeverity by source
AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Lifecycle Timeline
2DescriptionCVE.org
An Insertion of Sensitive Information into Log File vulnerability in B&R PVI client versions prior to 6.5 may be abused by an authenticated local attacker to gather credential information which is processed by the PVI client application. The logging function of the PVI client application is disabled by default and must be explicitly enabled by the user.
AnalysisAI
R PVI client versions up to 6.5 is affected by insertion of sensitive information into log file (CVSS 5.0).
Technical ContextAI
This vulnerability (CWE-532: Insertion of Sensitive Information into Log File) affects R PVI client. An Insertion of Sensitive Information into Log File vulnerability in B&R PVI client versions prior to 6.5 may be abused by an authenticated local attacker to gather credential information which is processed by the PVI client application. The logging function of the PVI client application is disabled by default and must be explicitly enabled by the user.
Affected ProductsAI
Product: R PVI client. Versions: up to 6.5.
RemediationAI
Monitor vendor advisories for a patch.
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today