Information Disclosure
Information disclosure occurs when an application unintentionally exposes sensitive data that aids attackers in reconnaissance or directly compromises security.
How It Works
Information disclosure occurs when an application unintentionally exposes sensitive data that aids attackers in reconnaissance or directly compromises security. This happens through multiple channels: verbose error messages that display stack traces revealing internal paths and frameworks, improperly secured debug endpoints left active in production, and misconfigured servers that expose directory listings or version control artifacts like .git folders. APIs often leak excessive data in responses—returning full user objects when only a name is needed, or revealing system internals through metadata fields.
Attackers exploit these exposures systematically. They probe for common sensitive files (.env, config.php, backup archives), trigger error conditions to extract framework details, and analyze response timing or content differences to enumerate valid usernames or resources. Even subtle variations—like "invalid password" versus "user not found"—enable account enumeration. Exposed configuration files frequently contain database credentials, API keys, or internal service URLs that unlock further attack vectors.
The attack flow typically starts with passive reconnaissance: examining HTTP headers, JavaScript bundles, and public endpoints for version information and architecture clues. Active probing follows—testing predictable paths, manipulating parameters to trigger exceptions, and comparing responses across similar requests to identify information leakage patterns.
Impact
- Credential compromise: Exposed configuration files, hardcoded secrets in source code, or API keys enable direct authentication bypass
- Attack surface mapping: Stack traces, framework versions, and internal paths help attackers craft targeted exploits for known vulnerabilities
- Data breach: Direct exposure of user data, payment information, or proprietary business logic through oversharing APIs or accessible backups
- Privilege escalation pathway: Internal URLs, service discovery information, and architecture details facilitate lateral movement and SSRF attacks
- Compliance violations: GDPR, PCI-DSS, and HIPAA penalties for exposing regulated data through preventable disclosures
Real-World Examples
A major Git repository exposure affected thousands of websites when .git folders remained accessible on production servers, allowing attackers to reconstruct entire source code histories including deleted commits containing credentials. Tools like GitDumper automated mass exploitation of this misconfiguration.
Cloud storage misconfigurations have repeatedly exposed sensitive data when companies left S3 buckets or Azure Blob containers publicly readable. One incident exposed 150 million voter records because verbose API error messages revealed the storage URL structure, and no authentication was required.
Framework debug modes left enabled in production have caused numerous breaches. Django's DEBUG=True setting exposed complete stack traces with database queries and environment variables, while Laravel's debug pages revealed encryption keys through the APP_KEY variable in environment dumps.
Mitigation
- Generic error pages: Return uniform error messages to users; log detailed exceptions server-side only
- Disable debug modes: Enforce production configurations that suppress stack traces, verbose logging, and debug endpoints through deployment automation
- Access control audits: Restrict or remove development artifacts (
.git, backup files,phpinfo()) and internal endpoints before deployment - Response minimization: API responses should return only necessary fields; implement allowlists rather than blocklists for data exposure
- Security headers: Deploy
X-Content-Type-Options, remove server version banners, and disable directory indexing - Timing consistency: Ensure authentication and validation responses take uniform time regardless of input validity
Recent CVEs (66650)
Insufficient data exists to characterize CVE-2026-53588 meaningfully. The only available intelligence signal is attribution to the Ubuntu vendor source; no description, CVSS vector, CWE classification, or reference URLs were provided in the input. Security teams cannot assess impact, affected versions, or exploitability from the current data. Monitor Ubuntu Security Notices (USN) and the NVD entry for this CVE as details are published.
CVE-2026-45098 has no publicly available description, CVSS score, CWE classification, or technical details at time of analysis. The sole intelligence signal is a vendor:ubuntu source attribution, which may indicate the vulnerability was reported through Ubuntu's security tracker or affects an Ubuntu-packaged component. No impact, affected versions, attack vector, or exploitation status can be determined from available data.
CVE-2026-58387 is attributed to Ubuntu (vendor source) but no description, CVSS score, CWE classification, or technical details are available in the provided intelligence data. The nature, impact, and exploitability of this vulnerability cannot be characterized at this time. No assessment of attacker capability, affected versions, or real-world risk is possible without additional data.
CVE-2026-45096 has been assigned and attributed to Ubuntu (vendor source) but no description, CVSS score, vector, or CWE data is available at time of analysis. The vulnerability cannot be characterized beyond its association with the Ubuntu vendor track. Security teams should treat this as a placeholder record requiring active monitoring for descriptor updates from Canonical or NVD before any triage or remediation action can be taken.
CVE-2026-44178 affects Ubuntu (reported by the Ubuntu vendor) but no description, CVSS score, vector, or CWE data is available in the provided intelligence. The vulnerability details, impact scope, and exploitation conditions cannot be characterized without a description. This record should be treated as incomplete pending enrichment from NVD, Ubuntu Security Notices (USN), or CISA.
CVE-2026-57157 has no published description, CVSS score, or CWE at time of analysis. The sole intelligence signal is a vendor report attributed to Ubuntu, indicating the vulnerability may affect a package in the Ubuntu ecosystem. No impact, affected versions, attack vector, or exploitation details can be determined from the available data. This analysis cannot characterize the vulnerability beyond acknowledging its existence and Ubuntu provenance.
CVE-2026-41252 has been reported via the Ubuntu vendor channel, but no description, CVSS score, CWE classification, CPE data, or advisory references are available at this time. The affected product, vulnerability class, and impact cannot be determined from the provided intelligence. No exploitation status, patch availability, or technical details have been disclosed.
CVE-2026-45093 is a vulnerability reported by Ubuntu with no description, CVSS score, vector, or CWE available at time of analysis. The affected product, impact class, and exploitation conditions are entirely unknown from provided intelligence. No meaningful risk characterization is possible without additional vendor disclosure.
Insufficient intelligence data exists to characterize CVE-2026-42218 beyond its association with the Ubuntu vendor source. No description, CVSS vector, CWE classification, or additional references were provided, making a substantive impact assessment impossible. Security teams should query Ubuntu Security Notices (USN) or the Ubuntu CVE Tracker directly for authoritative details on affected packages and severity.
Insufficient data exists to characterize CVE-2026-45097 at this time. The only available intelligence signal is a vendor attribution to Ubuntu, with no description, CVSS score, CWE classification, or references provided. No independent synthesis is possible without a vulnerability description, affected version range, or technical details.
Insufficient data exists to characterize CVE-2026-57158 meaningfully. The CVE description is absent, no CVSS vector or score has been published, and the only available intelligence signal is a single vendor source tag ('vendor:ubuntu'). No impact, attack vector, or affected component can be determined from the provided data. Security teams should treat this as an unresolved entry requiring direct vendor advisory lookup before any risk decision is made.
Insufficient public data exists to characterize CVE-2026-45092 with analytical confidence. The only intelligence signal available is a vendor report attributed to Ubuntu; no description, CVSS vector, CWE, CPE, EPSS score, KEV status, or reference URLs were supplied. No public exploit has been identified at time of analysis. This record should be treated as a placeholder requiring enrichment before any prioritization decision is made.
Insufficient data exists to characterize CVE-2026-55063 meaningfully. The sole intelligence signal is a vendor tag of 'ubuntu', suggesting the affected product may reside in the Ubuntu ecosystem, but no description, CVSS vector, CWE classification, or advisory has been provided. No impact, attack vector, affected versions, or exploitation conditions can be determined from the available data. Security teams should treat this record as unresolved until a vendor advisory or NVD enrichment is available.
Cross-origin WebSocket hijacking in the Cline Hub dashboard server (the process started by `cline dashboard`) before version 3.0.30 lets a malicious website drive an active local Cline session. Because the /browser WebSocket endpoint does not validate the Origin header and isAuthorizedBrowserRequest() trusts any request when ROOM_SECRET is unset on a 127.0.0.1 bind, any site a victim visits can send desktopCommand frames to read workspace state, alter MCP and provider/model settings, and-when a provider or model is configured-invoke command execution on the developer's machine. There is no public exploit identified at time of analysis and it is not in CISA KEV; the flaw is a classic origin-validation gap (CWE-346) fixed in 3.0.30.
Sandbox escape in Google Chrome on Windows prior to 150.0.7871.115 allows an attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page, chaining a codec input-validation flaw into higher-privileged host-process compromise. The bug is rated High by Chromium and carries a CVSS 8.3 with a scope-changing vector reflecting the sandbox-boundary crossing. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Sandbox escape in Google Chrome's GetUserMedia (WebRTC media capture) implementation allows an attacker who has already compromised the renderer process to break out of the browser sandbox by exploiting a race condition via a crafted HTML page, affecting all desktop Chrome builds prior to 150.0.7871.115. Rated High by Chromium and scored CVSS 8.3, this is a second-stage exploitation primitive typically chained after an initial renderer RCE; no public exploit identified at time of analysis and it is not listed in CISA KEV. A vendor patch is available in the 150.0.7871.115 Stable channel release.
Heap corruption in Google Chrome's Codecs component allows a remote attacker to trigger out-of-bounds read and write operations by luring a victim to open or play a crafted video file, affecting all desktop builds prior to 150.0.7871.115. Rated High by Chromium and CVSS 8.8, it requires user interaction (viewing malicious media) but no privileges, and combines information disclosure with potential memory corruption that could lead to code execution. No public exploit identified at time of analysis, and it is not listed in CISA KEV.
Uninitialized memory use in Chrome's ANGLE graphics layer exposes potentially sensitive process memory contents to remote attackers across all desktop Chrome versions prior to 150.0.7871.115. The flaw is triggered by a crafted HTML page requiring user interaction, limiting automated mass exploitation - consistent with SSVC classifying it as non-automatable with partial technical impact. No public exploit code exists and EPSS sits at 0.18% (7th percentile), but Chrome's ubiquitous deployment footprint and the high confidentiality impact still justify prompt patching.
Information disclosure in Wireshark's BLF file parser affects versions 4.6.0-4.6.6 and 4.4.0-4.4.16, stemming from use of an uninitialized variable (CWE-457) that may expose portions of process memory when parsing a crafted BLF file. Exploitation is constrained by a local attack vector, high attack complexity, and mandatory user interaction - a victim must actively open a malicious file. With a CVSS score of 2.5, no CISA KEV listing, and no public exploit identified at time of analysis, this is a low-priority finding with a narrow, socially-engineered attack surface.
Certificate revocation bypass in etcd affects clusters running versions before 3.5.32 and before 3.6.13 that are configured with --listen-client-http-urls to serve HTTP and gRPC client traffic on separate listeners. In that split-listener mode the --client-crl-file Certificate Revocation List is silently ignored on the gRPC listener, so a client presenting a certificate the operator has explicitly revoked can still complete mutual-TLS authentication and gain full read/write access to the key-value store. There is no public exploit identified at time of analysis and EPSS is low (0.36%), but the technical impact is total for anyone relying on CRL-based deauthorization.
Wasmtime's WASI filesystem implementation allows a sandboxed WebAssembly guest to overwrite host files that were intentionally exposed as read-only preopens. The wasmtime-wasi component checks directory-level permissions during hard-link creation (path_link) and rename (path_rename) operations but fails to verify that the source and destination preopens carry matching FilePerms flags - meaning FilePerms::READ enforcement is bypassed at the operation level. Affected versions span multiple major release trains (prior to 24.0.11, 36.0.12, 45.0.3, and 46.0.1); no public exploit code or CISA KEV listing is present at time of analysis, but the scope change from guest sandbox to host filesystem makes this a meaningful sandbox-escape class defect.
LiveQuery in Parse Server leaks unauthorized object field values to authenticated subscribers when a single save operation simultaneously modifies a sensitive field and the subscriber's ACL read access, because leave and enter events are built from the wrong object state. Affected deployments run parse-server below 8.6.83 (stable branch) or below 9.9.1-alpha.13 (v9 alpha branch) with LiveQuery enabled. The CVSS 4.0 score of 2.3 and AT:P prerequisite correctly reflect that exploitation is constrained to a specific co-mutation timing condition; no public exploit identified and no KEV listing exists at time of analysis.
Denial of service in Parse Server (versions prior to 8.6.82 and 9.9.1-alpha.12) allows remote attackers to hang the Node.js event loop by submitting deeply nested $or, $and, or $nor query operators through the REST API or LiveQuery interface, triggering exponential-time processing in the internal query-traversal helper. Because the vulnerable code path is reachable without authentication and consumes CPU without bound, a single crafted request can render the backend unresponsive to all clients. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Denial of service in the Elysia TypeScript web framework (versions prior to 1.4.29) lets remote unauthenticated attackers exhaust server CPU by submitting multipart/form-data requests containing many unique key-value pairs. Elysia's form-data normalization uses getAll in a way that scales quadratically with the number of fields, so a single crafted request can consume disproportionate processing time and stall the event loop. A public technical write-up demonstrating the quadratic behavior exists, but there is no evidence of active exploitation; EPSS was not provided.
Credential disclosure in GitLab Enterprise Edition allows an authenticated maintainer-role user to retrieve another user's stored credentials through insufficient authorization controls. All GitLab EE versions from 9.5 through the patched releases (18.11.7, 19.0.4, and 19.1.2) are affected, representing a broad historical exposure window spanning multiple major releases. No public exploit identified at time of analysis; the vulnerability was disclosed via HackerOne responsible disclosure (report 3720483), and GitLab has issued patched versions.
Content spoofing in GitLab CE/EE versions 16.5 through 18.x, 19.0, and 19.1 allows authenticated users to construct repositories where the web interface renders content that diverges from the actual downloadable source, exploiting improper Git reference name resolution (CWE-706). The CVSS score of 3.5 (Low) reflects the authentication requirement (PR:L), mandatory viewer interaction (UI:R), and limited integrity-only impact with no confidentiality or availability consequences. No public exploit code or CISA KEV listing has been identified at time of analysis, placing real-world risk firmly in the low tier despite the broad version range affected.
Broken object-level authorization in the nl-portal-backend-libraries GraphQL API exposes sensitive personal data belonging to arbitrary users to any authenticated caller. Two resolvers - document content retrieval (all published versions of nl.nl-portal:documenten-api since 0.2.2.RELEASE, 2023) and the besluiten (decisions) module (nl.nl-portal:besluiten 1.5.0-3.0.0) - were declared without a CommonGroundAuthentication parameter, causing the Spring framework to never bind the authenticated principal into the call path and leaving ownership checks impossible at the resolver level. The two endpoints chain naturally: an attacker enumerates decision records and their attached document IDs via the besluit queries, then exfiltrates raw document content through the document endpoint; decisions frequently contain government benefit, permit, and objection rulings, giving the exposure high real-world sensitivity. No public exploit has been identified at time of analysis, and this was discovered during a structured penetration testing engagement in May 2026.
Differential extraction in async-tar 0.6.0 enables content-smuggling attacks against scan-then-extract pipelines: an attacker who controls the bytes of a tar stream can construct an archive that GNU-tar-based AV scanners see as a single benign blob while async-tar writes a distinct executable payload to disk that the scanner never inspected. The root cause is in poll_next_raw (src/archive.rs), which mis-applies a buffered PAX local-extension size record to an intermediary GNU longname (L) header rather than restricting the override to the following file entry, desyncing the stream cursor from any POSIX-correct parser. No public exploitation in the wild or CISA KEV listing has been identified, but a fully functional proof-of-concept with verbatim captured output is included in the advisory, demonstrating the complete x → L → file smuggling sequence.
Sensitive file exfiltration in Composio SDK (the @composio/cli package) before 0.2.32-beta.283 lets attackers steal credential files by abusing a missing path-safety check in the readFileFromDisk function of tool-file-uploads.ts. Because the assertSafeFileUploadPath guard is absent, an attacker who can influence the agent's prompt can manipulate file_uploadable parameters to point at arbitrary paths such as ~/.ssh private keys, causing the CLI to upload those files to attacker-controlled storage. There is no public exploit identified at time of analysis, but the upstream fix, issue, and pull request are all public, which lowers the bar for reproduction.
Container-to-host sandbox escape in HashiCorp Nomad and Nomad Enterprise lets an authenticated job submitter using the Docker task driver bind-mount an arbitrary host path into their container even when volume bind mounts are administratively disabled, enabling read and write access to files on the underlying host. The scope-changing flaw (CVSS 3.1 8.7) affects the Community and Enterprise editions and is fixed in Nomad 2.0.4 (CE), and Enterprise 2.0.4, 1.11.8, and 1.10.14. There is no public exploit identified at time of analysis and it is not on CISA KEV.
Path redirection via the writeToFile template helper in consul-template before 0.42.1 allows a local low-privileged attacker to redirect template output outside the intended destination directory or overwrite existing files on the filesystem. Because consul-template routinely renders sensitive secrets from HashiCorp Vault, Consul, and AWS Secrets Manager into local files, successful exploitation can expose those secrets by redirecting writes to attacker-readable locations. No public exploit code or CISA KEV listing is associated with this vulnerability at time of analysis.
Uncontrolled resource consumption in the smallnest rpcx Go RPC framework (through 1.9.3) lets a single unauthenticated client crash the server by sending a small (<2 MB) gzip-compressed protocol message that decompresses into gigabytes of heap. Because protocol.Message.Decode inflates the payload via util.Unzip during readRequest - before any authentication - and the only size guard (protocol.MaxMessageLength) is checked against the compressed frame rather than the decompressed output, the server exhausts memory and becomes unavailable. Publicly available exploit code exists and a vendor patch (commit 047aec1) has been released; no public evidence of active exploitation at time of analysis.
Cross-site scripting via data URI injection in PasswordPusher before 2.8.1 allows unauthenticated attackers to create URL pushes containing data:text/html payloads that execute arbitrary JavaScript in victims' browsers under the trusted PasswordPusher origin. The root cause is the valid_url function accepting data: URI schemes as valid URLs, meaning any attacker with push creation access can craft a link that, when clicked by a recipient, renders attacker-controlled HTML and JavaScript within the trusted application domain - enabling convincing phishing pages or session cookie harvesting. No public exploit has been identified at time of analysis, but a vendor-released patch (2.8.1) is available per the GitHub security advisory.
SQL/NoSQL query injection in Progress MOVEit Transfer (Custom Reports modules) lets remote unauthenticated attackers manipulate backend data-query logic to read, alter, or destroy managed-file-transfer data across versions before 2025.0.7, 2025.1.3, and 2026.0.0. Rated CVSS 9.8 with full confidentiality, integrity, and availability impact, though real-world exploitation is currently rated low (EPSS 0.22%, CISA SSVC exploitation 'none') and no public exploit has been identified at time of analysis. MOVEit's history as a mass-exploitation target (Cl0p, 2023) makes this a high-priority patch despite the currently quiet threat signal.
Denial of service in the httplib2 Python HTTP client library (all versions prior to 0.32.0) lets a malicious or compromised HTTP server crash the client by returning a small gzip- or deflate-compressed response body that expands without bound during automatic decompression, exhausting memory and triggering a MemoryError or OS OOM-kill. Any application that uses httplib2 to fetch content from untrusted or attacker-controllable endpoints is affected. No public exploit identified at time of analysis; EPSS not provided, but the class is trivially demonstrable and the fix is a one-line-scope behavioral change shipped in 0.32.0.
Credential leakage in Composer PHP dependency manager exposes sensitive tokens - such as GitHub Personal Access Tokens embedded in repository URLs - to debug output when the tool is invoked with the -vvv verbosity flag. Affected versions prior to 2.2.29 (LTS branch) and 2.10.2 fail to sanitize username-slot URL credentials (e.g., https://TOKEN@host/) across three components: AuthHelper, Url::sanitize, and ProcessExecutor. An attacker or co-located user with access to terminal output or CI/CD log artifacts could extract valid authentication tokens from this debug output. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog.
Local filesystem read in LiteLLM's AI Gateway proxy prior to version 1.83.10-stable allows a proxy administrator to exfiltrate files from the server by supplying crafted oidc/file/ path references through the /health/test_connection endpoint. The vulnerability stems from unsanitized resolution of request-supplied environment and OIDC file references within litellm_params, giving a high-privileged caller a direct path to arbitrary file read. No public exploit code or active exploitation has been identified; the low CVSS 4.0 score of 2.1 reflects the high privilege bar and limited confidentiality impact.
Cross-origin information disclosure in the Apache Helix REST service (helix-rest) through 2.0.0 lets a remote attacker who lures an authenticated operator to a malicious web page read responses from and send requests to administrative REST endpoints. The CORSFilter unconditionally returns Access-Control-Allow-Origin: * with Access-Control-Allow-Credentials: true and reflects arbitrary preflight method/header values, defeating the browser same-origin policy. There is no public exploit identified at time of analysis and EPSS risk is low (0.17%, 7th percentile), and it is not on the CISA KEV list.
Uncontrolled memory allocation in pypdf prior to 6.14.0 allows remote, unauthenticated attackers to exhaust host memory by submitting a crafted PDF containing image metadata with inflated declared sizes that vastly exceed the actual embedded image data. Any application that uses pypdf to parse untrusted PDFs is exposed; the library allocates memory proportional to the declared (attacker-controlled) size rather than the actual data length. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog at time of analysis.
Authorization bypass in the Astro web framework version 6.4.7 lets remote unauthenticated attackers reach protected routes by exploiting an inconsistency between how the framework decodes URL paths for auth decisions versus route matching. Because authorization runs against a path that hit the iterative URL-decoder limit while later rewrite matching applies an extra decodeURI(), a request that appears benign at the auth gate resolves to a guarded route afterward, exposing protected content. No public exploit has been identified at time of analysis, but the fix in 6.4.8 and a published GitHub Security Advisory confirm the flaw.
HTTP request smuggling in OpenVPN Access Server 2.7.2 through 3.1.0 enables remote unauthenticated attackers to inject or manipulate backend requests when the Access Server is deployed behind a reverse proxy. The server incorrectly accepts bare line-feed (LF-only, without carriage return) characters inside HTTP header values, creating a parsing discrepancy between the front-end proxy and the Access Server backend - the hallmark of CWE-444. No public exploit has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog; however, the CVSS 4.0 score of 6.9 with integrity impact on both the vulnerable and subsequent systems indicates meaningful risk in typical enterprise VPN gateway deployments fronted by load balancers or reverse proxies.
Predictable heading anchor ID generation in Mistune's toc plugin (all versions prior to 3.3.0) enables same-page navigation hijacking when untrusted Markdown content is rendered. The library assigns sequential numeric identifiers (toc_0, toc_1, etc.) to headings without incorporating heading text, so any party able to inject raw HTML containing a matching id attribute can pre-empt the generated anchor and redirect table-of-contents link targets, CSS selectors, or JavaScript DOM event handlers. No public exploit identified at time of analysis, though the deterministic ID scheme makes collision trivial to engineer once content injection is possible.
Out-of-bounds read in U-Boot's TCP stack (net/tcp.c, tcp_rx_state_machine()) allows remote unauthenticated attackers to corrupt bootloader TCP connection state by sending a crafted packet with deliberately mismatched IP total length and TCP data offset fields. Affected builds span U-Boot through 2026.04-rc3, but only when compiled with CONFIG_PROT_TCP - a non-default option. Impact is disruption of TCP window calculations via corruption of rmt_win_scale and rmt_timestamp variables, potentially breaking network-based boot sequences. No public exploit has been identified at time of analysis, and this vulnerability is not currently listed in CISA KEV.
Server-side rendering in Hono's JSX module (versions 4.11.8 through before 4.12.27) fails to isolate context values per request, enabling cross-request data leakage under concurrent load. When async components yield at an await boundary, the shared context store can be overwritten by a concurrent in-flight request, causing createContext, useContext, jsxRenderer, or useRequestContext data from one user's session to bleed into another user's response. No public exploit has been identified at time of analysis, but the C:H CVSS impact rating reflects that leaked context values frequently carry sensitive per-user material such as authentication state, session tokens, or profile data.
Header de-duplication logic in Hono's AWS API Gateway v1 adapter silently drops distinct repeated header values because it uses substring comparison rather than exact string equality, meaning a value like '10.0.0.1' would incorrectly suppress '10.0.0.10'. Middleware or application logic relying on a complete X-Forwarded-For chain, rate limiting counters, audit trail integrity, or proxy-chain trust validation receives a truncated view of the request. Affected versions span 4.3.3 through 4.12.26; no public exploit identified at time of analysis, though the GitHub advisory confirms the issue and a fix is released in v4.12.27.
Denial of service in OpenTelemetry JavaScript (@opentelemetry/propagator-jaeger) before 2.9.0 allows an unauthenticated remote attacker to crash a Node.js service by sending a malformed percent-encoded uber-trace-id or uberctx-* HTTP header. The JaegerPropagator passes header values to decodeURIComponent() without catching the resulting URIError, so the uncaught exception terminates the process. No public exploit identified at time of analysis, and this is not listed in CISA KEV; the fix is version 2.9.0.
Credential exposure in OpenClaw before 2026.5.28 lets a lower-trust actor who can write to a workspace's configured input paths plant a dotenv file that overrides trusted provider credentials, causing sensitive secrets to leak across intended trust boundaries. VulnCheck reported the issue and it is fixed in 2026.5.28; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The vendor CVSS 4.0 base score is 8.4 (High), reflecting high confidentiality and integrity impact but requiring local path access and user interaction.
Denial of service in linkify-it before 5.0.2 allows remote attackers to exhaust CPU by submitting crafted text containing many mailto: occurrences, each triggering the src_email_name email-name validator in lib/re.mjs to rescan the remaining input, yielding O(n^2) complexity. Any application that runs untrusted user text through linkify-it's .test() or .match() is affected; there is no public exploit identified at time of analysis and the flaw is not in CISA KEV, but the low complexity of the trigger makes availability disruption straightforward.
Host validation bypass in guzzlehttp/psr7 before 2.12.3 enables URI authority confusion attacks against PHP applications that rely on Uri::getHost() for security-critical decisions. The Uri::assertValidHost() method accepts host strings containing authority delimiters, embedded ports, or malformed IPv6 brackets, causing a semantic split where getHost() returns a sanitized value that disagrees with the actual URI authority used for routing - a classic CWE-436 interpretation conflict exploitable for SSRF allowlist bypass or host-based access control evasion. No public exploit has been identified at time of analysis; vendor-released patch version 2.12.3 resolves the issue.
Passive network de-anonymization of Encrypted Client Hello (ECH) connections is possible in Go's crypto/tls library because pre-shared key (PSK) identities are exposed in cleartext outer ClientHello messages, allowing any on-path observer to correlate resumption sessions and identify servers despite ECH's intended privacy protections. Affected versions span crypto/tls prior to 1.25.12, 1.26.5, and 1.27.0-rc.2 across the Go standard library. No public exploit code has been identified at time of analysis and no CISA KEV listing exists; however, exploitation requires no authentication or user interaction and is accessible to any network-level adversary with passive traffic visibility.
Sandbox escape in the Go standard library's os.Root API (os package) on Unix systems allows filesystem operations meant to be confined to a directory to reach files outside it. When a path's final component is a symbolic link and the path ends in a trailing slash (e.g. root.Open("symlink/")), os.Root improperly dereferences that symlink to a location outside the root, defeating the traversal protection the API is designed to enforce. Affects Go before 1.25.12, 1.26.5, and 1.27.0-rc.2; no public exploit is identified at time of analysis and it is not in CISA KEV.
Uncontrolled resource consumption in Immutable.js prior to 4.3.9 and 5.1.8 lets an attacker who controls keys inserted into an Immutable.Map or Immutable.Set exhaust CPU by supplying many keys that share the same 32-bit hash. Because collisions are stored in a HashCollisionNode bucket that is scanned linearly, insertion and lookup degrade from near-constant to quadratic time, producing a denial of service. No public exploit identified at time of analysis and no active exploitation is indicated, but the CVSS 4.0 score of 8.7 reflects an easy, unauthenticated, network-reachable availability impact wherever user-supplied objects reach these structures.
Denial of service in Socket.IO (Engine.IO server) from 4.1.0 before 6.6.7 lets a remote unauthenticated attacker exhaust server-side connections and sockets by sending invalid binary POST requests. When the Engine.IO v4 polling transport receives a malformed binary payload with Content-Type: application/octet-stream, it fails to close the HTTP response, leaking the underlying socket until connection and file-descriptor limits are reached. No public exploit identified at time of analysis; the flaw is fixed in engine.io 6.6.7.
Prototype pollution in protobuf.js versions 8.2.0 through 8.6.4 allows network-reachable attackers to corrupt JavaScript object prototype chains via the Text Format extension, by supplying a map entry whose key is the reserved JavaScript token `__proto__`, causing the parser to overwrite the prototype of the returned map object instead of creating a literal own-property entry. Exploitation is constrained by high attack complexity - only applications explicitly using the optional `/ext/textformat` module and parsing attacker-controlled input are affected - and real-world impact is limited to partial confidentiality and integrity effects in downstream code that inherits or enumerates poisoned prototype properties. No active exploitation has been confirmed (not in CISA KEV) and no public exploit code has been identified at time of analysis.
Denial of service in node-tar prior to 7.5.18 allows unauthenticated network-reachable attackers to crash Node.js processes by submitting crafted tar archives containing all-digit PAX header path or linkpath values. The library incorrectly coerces these string values to JavaScript numbers in src/pax.ts, causing downstream path handling (normalizeWindowsPath(entry.path).split('/')) to throw an uncaught TypeError when it attempts to call a string method on a numeric value. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.
Process termination via crafted tar archive affects node-tar prior to 7.5.17, where NUL bytes in PAX path and linkpath header records are not sanitized before being passed to Node.js filesystem calls. Any application using node-tar to extract untrusted archives is susceptible to denial of service through an uncaught exception that crashes the Node.js process. No confirmed active exploitation or public exploit code has been identified at time of analysis; however, the low attack complexity (CVSS AC:L, PR:N) makes this trivial to trigger wherever attacker-controlled archive input reaches a vulnerable node-tar instance.
Denial of service in the js-yaml Node.js YAML parser (versions 5.0.0 up to but not including 5.2.0) lets a remote attacker consume quadratic CPU time by submitting a small, linearly-sized YAML document that chains merge keys (<<) so each mapping merges the previous one. Because confidentiality and integrity impact are nil and only availability is affected (CVSS 7.5, AV:N/A:H), a single crafted document can stall or hang the parsing thread. SSVC rates this poc / automatable=yes / partial impact; there is no public weaponized exploit and it is not on CISA KEV, with a low EPSS of 0.29%.
Local file inclusion in Repomix's git clone HTTP endpoint lets unauthenticated remote attackers read arbitrary tracked file contents from git repositories on the server's filesystem. The isValidRemoteValue validation in src/core/git/gitRemoteParse.ts does not reject file:// scheme URLs, so a supplied file:///path/to/repo value is passed directly to git clone. No public exploit identified at time of analysis, and the flaw is not listed in CISA KEV; the CVSS 4.0 base score is 8.7 (High) driven by high confidentiality impact with no authentication required.
SQL and DDL injection in the Snowflake Terraform Provider before 2.18.0 lets an attacker who can influence pipeline workspace variables execute arbitrary SQL inside the provider's privileged Snowflake session (CWE-89), enabling data exfiltration and creation of long-lived credentials. A second flaw allows identifier-injection into user-management DDL, so accounts can be minted with attacker-controlled credentials that bypass operator-configured security controls. No public exploit identified at time of analysis; risk is authenticated/insider-driven rather than remote-unauthenticated.
Unauthenticated cluster-internal access to TrustyAI Service Operator's gorch and NemoGuardrails deployments is possible when a specific security setting is not explicitly enabled at deployment time. Any workload running within the same Kubernetes or OpenShift cluster can reach these AI guardrail and orchestration service endpoints without presenting credentials, exposing sensitive inference data and enabling limited unauthorized model interactions. No public exploit has been identified at time of analysis, but the low-complexity adjacent attack vector and low-privilege prerequisite make this a realistic lateral movement risk in shared or multi-tenant cluster environments.
Sensitive information disclosure in Adalo App Builder (versions 1 through 2) lets remote unauthenticated attackers harvest personal data at scale by sending a single request to a minimal leaderboard component, returning user records that include emails, UUIDs, and custom fields. The flaw stems from wildcard CORS behavior combined with long-lived twenty-day JWTs and no token revocation, meaning any Adalo application can be scraped without app-specific secrets. No public exploit is identified at time of analysis, and the EPSS score is low (0.10%), but the network-reachable, no-authentication nature makes mass automated collection straightforward.
Sensitive user-record disclosure in Adalo's no-code app builder (App Builder versions 1 and 2) lets remote actors enumerate the internal 'dbId' identifier to retrieve complete user records and correlate individuals' behavior across multiple applications hosted on the platform. The flaw stems from predictable/enumerable record identifiers combined with absent access controls and no data minimization. There is no public exploit identified at time of analysis, and EPSS rates near-term exploitation probability very low (0.15%, 5th percentile) despite the high confidentiality-only CVSS of 7.5.
Denial of service in Progress MOVEit Transfer (Custom Reports modules) allows remote attackers to exhaust server memory through a missing-release-of-memory (memory leak) flaw, degrading availability of the managed file transfer service. It affects MOVEit Transfer 2025.0.x before 2025.0.8, 2025.1.x before 2025.1.4, and 2026.0.0 before 2026.0.1, and is addressed in the Progress Critical Security Bulletin of June 2026. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV.
Server-side NoSQL injection in Progress MOVEit Transfer (Custom Reports modules) lets an authenticated high-privilege user inject crafted query elements to read, alter, or disrupt backend data. It affects MOVEit Transfer 2025.0.x before 2025.0.8, 2025.1.x before 2025.1.4, and 2026.0.0 before 2026.0.1, with full confidentiality, integrity, and availability impact per the CVSS vector. No public exploit identified at time of analysis, and it is not listed in CISA KEV.
Denial of service in js-yaml (a widely-used JavaScript YAML parser) 3.0.0-3.14.x and 4.0.0-4.2.x allows remote attackers to consume quadratic CPU time by submitting a linearly-sized YAML document built from a chain of mappings that use merge keys, where each mapping merges the previous one. Exploitation requires no authentication or user interaction (CVSS 7.5, availability-only impact), and any application that parses attacker-controlled YAML with a vulnerable version is affected. No public exploit identified at time of analysis; fixes are available in 3.15.0 and 4.3.0.
Denial of service in the js-yaml JavaScript YAML parser (versions 5.0.0 up to but not including 5.2.1) allows remote attackers to exhaust CPU by submitting a crafted YAML document containing an ordered-map (!!omap) node with many entries. Because the !!omap handler performs a linear duplicate-key scan on every insertion, parsing scales as O(n^2), so a modestly sized payload can consume disproportionate CPU when yaml.load() is called. Exploitation is gated behind the non-default YAML11_SCHEMA; SSVC lists proof-of-concept exploit status, there is no CISA KEV entry, and EPSS is low at 0.29%.
Cross-origin admin account takeover in the Grav CMS API plugin before v1.0.0-rc.16 stems from two combined weaknesses: JWT tokens are accepted through the ?token= URL query parameter and every API response returns the wildcard Access-Control-Allow-Origin: * header. Any attacker who harvests a leaked JWT from access logs, proxy logs, browser history, or Referrer headers can replay it in fully authenticated cross-origin requests from an arbitrary malicious site, then create persistent super-admin accounts and exfiltrate configuration and user data. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV, but a vendor patch (v1.0.0-rc.16) is available.
Heap buffer overflow in ImageMagick's FTXT encoder exposes systems to denial of service and potential information disclosure when processing attacker-crafted image files. All ImageMagick versions before 7.1.2-19 are affected due to missing boundary checks when parsing the ftxt:format parameter, allowing an out-of-bounds read (CWE-125) in the FTXT encoder component. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog, though a vendor patch is available at 7.1.2-19.
Heap-buffer-overflow read in ImageMagick's GetPixelIndex function exposes limited heap memory contents and can cause partial availability impact in affected 6.x and 7.x branches before the patched releases. The root cause is a metadata-allocation race in OpenPixelCache, which updates image channel metadata before confirming successful pixel cache memory allocation, leaving GetPixelIndex to operate on stale channel counts. Exploitation requires high privilege access and the ability to induce memory or disk allocation failures, yielding only limited confidentiality and availability impact; no public exploit code and no CISA KEV listing are associated with this CVE.
Capgo's app information endpoint retains EXIF metadata in uploaded images, leaking sensitive geolocation coordinates and device information to any party with image access. Versions prior to 12.128.2 are affected. An authenticated attacker or any user who can view uploaded app-information images can retrieve full EXIF payloads - including GPS coordinates, timestamps, and device identifiers - from files that the platform should have sanitized. No public exploit code has been identified at time of analysis, and the issue is not listed in the CISA KEV catalog; however, the attack requires only low-privilege network access and trivial tooling such as exiftool.
Unauthenticated information disclosure in Capgo (Cap-go/capgo) before 12.128.2 exposes sensitive organization metrics through a misconfigured Supabase PostgREST RPC endpoint. The Supabase function public.get_total_metrics(org_id) is accessible to the anon role using only the publicly distributed sb_publishable_* key, meaning any external party can query it without credentials. By iterating valid organization UUIDs against POST /rest/v1/rpc/get_total_metrics, attackers can confirm organization existence and harvest usage data including monthly active users, bandwidth consumption, and install counts. No public exploit or CISA KEV listing exists at time of analysis; the EPSS signal is absent from provided data but the low exploitation complexity suggests elevated opportunistic risk.
Broken access control in Capgo (the Capacitor live-update/OTA platform) before 12.128.2 lets any unauthenticated caller holding only the public publishable API key read arbitrary users' organization data. The Supabase PostgREST RPC function public.get_orgs_v6 runs as SECURITY DEFINER and is granted to the anon role, yet trusts a caller-supplied user UUID instead of the authenticated identity, exposing org membership, roles, subscription/trial metadata, and the management_email PII. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but exploitation is trivial and requires no credentials beyond the intentionally-public key.
Stored cross-site scripting in Dell PowerProtect Data Domain (DD OS 7.7.1.0 through 8.7, plus the LTS2026 8.6.1.x, LTS2025 8.3.1.x, and LTS2024 7.13.1.x branches) lets a remote attacker persist malicious script in the appliance management interface that executes in other users' browser sessions. Because the flaw is reachable without authentication and the injected payload runs in the victim's authenticated context, an attacker can achieve information disclosure, session/token theft, and client-side request forgery against operators of the backup appliance. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; Dell has published advisory DSA-2026-278.
Denial of service in the Imager image-processing module for Perl (all versions before 1.033) allows remote attackers to crash a worker process by submitting an image whose EXIF IFD entry count is mishandled as a signed integer, triggering an near-address-space-sized memory allocation that fails and aborts the process. Any application that passes untrusted images through Imager's EXIF parsing is exposed. There is no public exploit identified at time of analysis, EPSS is low (0.18%, 8th percentile), and it is not listed in CISA KEV.
Timing side-channel exposure in Red Hat Directory Server's PBKDF2-SHA256 password verification allows a remote unauthenticated attacker to send repeated LDAP bind requests and statistically infer partial hash information by measuring response-time differences caused by non-constant-time memcmp() comparisons. Affected deployments span Red Hat Directory Server 11 through 13 and the 389-ds-base package shipped across RHEL 6 through 10. No public exploit identified at time of analysis, and practical exploitation is acknowledged to be extremely difficult due to the computational overhead inherent in PBKDF2 key stretching, which substantially degrades the timing signal.
Nomysem, an education and consulting management platform by Turkish vendor NOMYSOFT Informatics, exposes sensitive information to authenticated low-privilege users due to incompatible ACL policies that fail to properly constrain access to restricted functionality. Network-accessible endpoints can be reached by any valid account holder, yielding high-confidentiality-impact data exposure without requiring elevated rights or user interaction. No public exploit code has been identified at time of analysis; however, the vendor failed to respond to coordinated disclosure, leaving the vulnerability unpatched.
Local privilege escalation in Foxit PDF Editor and Foxit PDF Reader (Windows) lets a low-privileged user place executable files that a high-privilege process later runs directly, yielding code execution as NT AUTHORITY\SYSTEM. The flaw stems from an untrusted search path (CWE-427) where the application loads and executes attacker-writable binaries without validating their origin. There is no public exploit identified at time of analysis, EPSS is low (0.11%, 2nd percentile), and SSVC reports no observed exploitation, so this is a locally-exploitable escalation rather than a remotely wormable threat.
Out-of-bounds read in Foxit PDF Editor and Foxit PDF Reader allows a local attacker to crash the application and potentially expose adjacent memory contents by delivering a specially crafted PDF containing malicious JavaScript. The JavaScript manipulates page and document objects to desynchronize internal page-related state from the renderer's trusted page count; when the renderer subsequently accesses page objects using the stale index, it reads beyond valid memory bounds. No public exploit identified at time of analysis and no CISA KEV listing, but the broad affected version ranges across multiple major release branches (13.x, 14.x, and 2026.x) means a large proportion of unpatched Foxit deployments are exposed.
Foxit PDF Reader and PDF Editor crash with potential memory disclosure when processing maliciously crafted PDF documents containing JavaScript that causes reentrancy during page opening or form formatting. The reentrancy leaves the document object in an inconsistent state; when the application subsequently attempts to dereference stale page metadata, it reads from an invalid memory address (CWE-125 out-of-bounds read), resulting in application termination and limited memory content exposure. No public exploit code or active exploitation has been identified at time of analysis; exploitation requires a local user interaction to open a crafted PDF file.
Out-of-bounds read in Foxit PDF Reader and PDF Editor allows a local attacker to crash the application and potentially disclose limited memory contents by delivering a specially crafted PDF containing a malformed image object. The vulnerability triggers when the renderer encounters an abnormal image object, causes it to enter an incorrect processing branch, and subsequently dereferences an invalid buffer pointer during scan line conversion. No public exploit code has been identified and no CISA KEV listing exists, but the CVSS availability impact is rated High, meaning successful exploitation reliably causes application termination.
Out-of-bounds read in Foxit PDF Editor and Foxit PDF Reader crashes the application and exposes limited memory contents when a victim opens a specially crafted PDF embedding a semantically malformed color space function. Affected versions span multiple branches across both Editor and Reader products, confirmed through EUVD-2026-42198. No public exploit code or active exploitation has been identified at time of analysis; however, the low attack complexity and file-based delivery mechanism make this a plausible phishing lure in targeted campaigns against organizations relying on Foxit products.
Out-of-bounds read in Foxit PDF Editor and PDF Reader during PRC (Product Representation Compact) 3D content parsing crashes the application and leaks limited memory content. Affects multiple concurrent release trains including versions 2026.1.1, 14.0.4, and 13.2.4 and earlier. Exploitation requires a victim to open a specially crafted PDF containing a malicious PRC entity - no public exploit has been identified at time of analysis.
Out-of-bounds read in Foxit PDF Editor and Foxit PDF Reader's PRC 3D file header parser crashes the application and may leak process memory when a victim opens a specially crafted PDF. Affected version ranges span Foxit PDF Reader through 2026.1.1 and multiple Foxit PDF Editor release branches through 13.2.4, 14.0.4, and 2026.1.1. No public exploit code or confirmed active exploitation has been identified at time of analysis; the CVSS availability impact is rated High due to a reliable application crash on trigger, with a minor confidentiality component from out-of-bounds memory exposure.
Memory corruption in the OpenSSH client (ssh) before 10.4 lets a malicious or compromised SSH server trigger a use-after-free on the connecting client by changing its host key during a key re-exchange (rekey), potentially leading to information disclosure or code execution in the client process. Only the client side is affected; the server is not vulnerable. There is no public exploit identified at time of analysis and it is not on CISA KEV, and EPSS is low (0.25%, 16th percentile), but the flaw is fixed in OpenSSH 10.4/10.4p1.
Security-control bypass in OpenSSH sshd before 10.4 causes the DisableForwarding=yes hardening directive to be silently ignored when PermitTunnel=yes is also set, so tun-device forwarding remains available despite an administrator's explicit policy to disable all forwarding. Affected operators are those who rely on DisableForwarding as a defense-in-depth restriction; the flaw lets an authenticated user establish layer-2/3 tunnels the configuration was meant to forbid. There is no public exploit identified at time of analysis, EPSS is low (0.13%, 3rd percentile), and it is not on CISA KEV.
OpenSSH sshd before version 10.4 silently ignores the GSSAPIStrictAcceptorCheck configuration directive when the server is integrated with Windows Active Directory, defeating a security control that administrators rely on to enforce GSSAPI acceptor name validation during Kerberos-based SSH authentication. This undocumented behavior means AD-joined SSH servers may accept GSSAPI authentications against unintended Kerberos service principals regardless of how the option is configured, yielding limited confidentiality and integrity impact. No public exploits or active exploitation have been identified; the CVSS AC:H rating reflects the specific environmental prerequisites required for exploitation.
OpenSSH's internal-sftp subsystem silently discards all command-line arguments beyond position 9, allowing authenticated SFTP users to bypass security restrictions that administrators intended to enforce via those later-positioned arguments. All OpenSSH releases before 10.4 are affected when sshd_config supplies more than nine arguments to the internal-sftp subsystem, which is a non-default but legitimate administrative pattern used for directory restriction, read-only enforcement, and umask control. No public exploit has been identified and this vulnerability is not listed in the CISA KEV catalog; however, sites relying on complex internal-sftp argument chains for access policy enforcement face a direct, silent policy bypass.
Path traversal in the scp utility of OpenSSH before 10.4 causes files to be written into the parent directory of the intended destination during remote-to-remote copy operations. The root cause is CWE-23 (Relative Path Traversal): scp fails to canonicalize or sanitize paths when relaying data between two remote hosts, allowing an attacker controlling a malicious endpoint to influence where transferred files land. No public exploit identified at time of analysis, and active exploitation has not been confirmed by CISA KEV; the CVSS AC:H and UI:R metrics significantly constrain real-world exploitability.
Path traversal in the OpenSSH sftp client before version 10.4p1 allows an attacker-controlled server to write downloaded files outside the user's intended target directory when the 'sftp server:/path .' bulk-download syntax is used. Affected are all OpenSSH deployments where users sftp from untrusted or attacker-controlled hosts, which in practice spans virtually every Linux and Unix environment. No public exploit has been identified at time of analysis and the vulnerability is not listed in CISA KEV, though the ubiquity of OpenSSH elevates aggregate exposure despite the moderate per-instance severity.
Out-of-bounds read in the Perl DBI module's preparse() SQL-normalisation routine allows an attacker who controls SQL passed to the method (where the statement begins with a comment line) to trigger a one-byte read past a buffer, in all DBI releases before 1.650. On memory-hardened builds this faults and crashes the process (availability impact); on normal builds it produces nondeterministic newline retention. This is a CWE-125 flaw reported by CPANSec with no public exploit identified at time of analysis; EPSS is low at 0.19% (8th percentile) and it is not in CISA KEV.