Linode Provider

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-27900 MEDIUM PATCH This Month

The Terraform Provider for Linode prior to version 3.9.0 exposes sensitive credentials including passwords and API tokens in debug logs when debug logging is explicitly enabled. Authenticated attackers with access to these logs through CI/CD pipelines, log aggregation systems, or shared debug output can extract exposed secrets. This vulnerability requires an authenticated user and debug logging activation, making it exploitable primarily in environments where logging is intentionally enabled for troubleshooting.

Information Disclosure Linode Provider Suse
NVD GitHub
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-27900
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

The Terraform Provider for Linode prior to version 3.9.0 exposes sensitive credentials including passwords and API tokens in debug logs when debug logging is explicitly enabled. Authenticated attackers with access to these logs through CI/CD pipelines, log aggregation systems, or shared debug output can extract exposed secrets. This vulnerability requires an authenticated user and debug logging activation, making it exploitable primarily in environments where logging is intentionally enabled for troubleshooting.

Information Disclosure Linode Provider Suse
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy