Skip to main content

CWE-526

Cleartext Storage of Sensitive Information in an Environment Variable

18 CVEs Avg CVSS 6.0 MITRE
0
CRITICAL
5
HIGH
13
MEDIUM
0
LOW
3
POC
0
KEV

Monthly

CVE-2026-49377 MEDIUM PATCH This Month

Sensitive data exposure in JetBrains TeamCity before 2025.11.2 allows authenticated low-privileged users to read confidential values stored in default build agent parameters. The root cause (CWE-526) indicates that sensitive information - such as API keys, tokens, or credentials - is passed or stored through agent environment/configuration parameters without adequate access restrictions. With a CVSS score of 4.3 and no public exploit or KEV listing, this represents a moderate-priority information disclosure risk, most dangerous in environments where agent parameters are used to propagate secrets across pipelines.

Information Disclosure Teamcity
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-45370 PyPI HIGH POC PATCH GHSA This Week

python-utcp CLI subprocess environment passes all process-level secrets to every tool call. When chained with CVE-2026-45369 command injection, remote authenticated attackers with low-privilege LLM tool access can exfiltrate AWS credentials, API keys, database URLs, and other environment variables in a single HTTP request. Patch available in version 1.1.2 (NVD references 1.1.3 as fixed version). GitHub security advisory confirms proof-of-concept demonstrating credential theft via env dump to attacker-controlled endpoint.

Python Information Disclosure
NVD GitHub VulDB
CVSS 3.1
7.7
EPSS
0.0%
CVE-2026-40153 PyPI HIGH PATCH GHSA This Week

Environment variable exfiltration in PraisonAIAgents versions prior to 1.5.128 allows unauthenticated remote attackers to steal secrets (database credentials, API keys, cloud access keys) through shell_tools.py execute_command function. The vulnerability leverages deceptive command approval where unexpanded $VAR references shown to human reviewers differ from executed commands containing expanded environment variable values. Requires user interaction. No public exploit identified at time of analysis.

Information Disclosure Praisonaiagents
NVD GitHub
CVSS 3.1
7.4
EPSS
0.0%
CVE-2025-36105 MEDIUM This Month

IBM Planning Analytics Advanced Certified Containers 3.1.0 versions up to 3.1.4 contains a vulnerability that allows attackers to a local privileged user to obtain sensitive information from environment variabl (CVSS 4.4).

IBM Information Disclosure
NVD VulDB
CVSS 3.1
4.4
EPSS
0.0%
CVE-2025-27899 MEDIUM PATCH This Month

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 discloses sensitive information in an environment variable that could aid in further attacks against the system. [CVSS 5.3 MEDIUM]

IBM Db2 Recovery Expert
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-36017 MEDIUM This Month

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 stores unencrypted sensitive information in environmental variables files which can be obtained by an authenticated user.

IBM Information Disclosure Controller
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-9162 Maven MEDIUM PATCH Monitor

A flaw was found in org.keycloak/keycloak-model-storage-service. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Red Hat
NVD
CVSS 3.1
4.9
EPSS
0.0%
CVE-2025-28381 PyPI HIGH POC This Week

A security vulnerability in OpenC3 COSMOS (CVSS 7.5) that allows attackers. Risk factors: public PoC available.

Information Disclosure Cosmos
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2023-43029 MEDIUM This Month

IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow a remote user to obtain sensitive credential information after deployment. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure IBM Storage Virtualize Plugin For Vsphere
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2024-12604 MEDIUM This Month

Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Tapandsign Technologies Tap&Sign App allows Password Recovery Exploitation, Functionality Misuse.This issue affects Tap&Sign App: before V.1.025. [CVSS 6.5 MEDIUM]

Information Disclosure
NVD VulDB
CVSS 3.1
6.5
EPSS
0.1%
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Sensitive data exposure in JetBrains TeamCity before 2025.11.2 allows authenticated low-privileged users to read confidential values stored in default build agent parameters. The root cause (CWE-526) indicates that sensitive information - such as API keys, tokens, or credentials - is passed or stored through agent environment/configuration parameters without adequate access restrictions. With a CVSS score of 4.3 and no public exploit or KEV listing, this represents a moderate-priority information disclosure risk, most dangerous in environments where agent parameters are used to propagate secrets across pipelines.

Information Disclosure Teamcity
NVD VulDB
EPSS 0% CVSS 7.7
HIGH POC PATCH This Week

python-utcp CLI subprocess environment passes all process-level secrets to every tool call. When chained with CVE-2026-45369 command injection, remote authenticated attackers with low-privilege LLM tool access can exfiltrate AWS credentials, API keys, database URLs, and other environment variables in a single HTTP request. Patch available in version 1.1.2 (NVD references 1.1.3 as fixed version). GitHub security advisory confirms proof-of-concept demonstrating credential theft via env dump to attacker-controlled endpoint.

Python Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 7.4
HIGH PATCH This Week

Environment variable exfiltration in PraisonAIAgents versions prior to 1.5.128 allows unauthenticated remote attackers to steal secrets (database credentials, API keys, cloud access keys) through shell_tools.py execute_command function. The vulnerability leverages deceptive command approval where unexpanded $VAR references shown to human reviewers differ from executed commands containing expanded environment variable values. Requires user interaction. No public exploit identified at time of analysis.

Information Disclosure Praisonaiagents
NVD GitHub
EPSS 0% CVSS 4.4
MEDIUM This Month

IBM Planning Analytics Advanced Certified Containers 3.1.0 versions up to 3.1.4 contains a vulnerability that allows attackers to a local privileged user to obtain sensitive information from environment variabl (CVSS 4.4).

IBM Information Disclosure
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 discloses sensitive information in an environment variable that could aid in further attacks against the system. [CVSS 5.3 MEDIUM]

IBM Db2 Recovery Expert
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 stores unencrypted sensitive information in environmental variables files which can be obtained by an authenticated user.

IBM Information Disclosure Controller
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH Monitor

A flaw was found in org.keycloak/keycloak-model-storage-service. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Red Hat
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

A security vulnerability in OpenC3 COSMOS (CVSS 7.5) that allows attackers. Risk factors: public PoC available.

Information Disclosure Cosmos
NVD GitHub
EPSS 0% CVSS 6.8
MEDIUM This Month

IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow a remote user to obtain sensitive credential information after deployment. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure IBM Storage Virtualize Plugin For Vsphere
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Tapandsign Technologies Tap&Sign App allows Password Recovery Exploitation, Functionality Misuse.This issue affects Tap&Sign App: before V.1.025. [CVSS 6.5 MEDIUM]

Information Disclosure
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy