CVE Database

15+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS

15 results for "CWE-5"

CVE-2026-14904
6.5 MEDIUM

AWS Research and Engineering Studio (RES) is an open-source solution that enables researchers and engineers to create and manage secure virtual desktops and computing resources …

Jul 7, 2026
CVE-2026-49088
4.4 MEDIUM

Insertion of Sensitive Information into Log File (CWE-532) in Kibana can lead to information disclosure. When the optional application performance monitoring (APM) instrumentation is enabled, …

Jul 1, 2026
CVE-2026-44501
4.3 MEDIUM

DataHub is an open-source metadata platform. Prior to 1.5.0.3, The DataHub frontend (datahub-frontend-react) deserializes attacker-controlled Java objects from the REDIRECT_URL HTTP cookie during the OIDC …

May 14, 2026
CVE-2026-31252
5.7 MEDIUM

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e (2025-30-21) contains an insecure deserialization vulnerability (CWE-502) in its model loading component. The framework uses torch.load() to load model weight files …

May 11, 2026
CVE-2024-47570
6.6 MEDIUM

An insertion of sensitive information into log file vulnerability [CWE-532] in FortiOS 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0 all versions; FortiProxy 7.4.0 through 7.4.3, …

Dec 9, 2025
CVE-2025-10221
5.5 MEDIUM

Insertion of Sensitive Information into Log File (CWE-532) in the ARP Agent component in AxxonSoft Axxon One / AxxonNet / C-WerkNet 2.0.4 and earlier on …

Sep 10, 2025
CVE-2025-32817
6.1 MEDIUM

A Improper Link Resolution vulnerability (CWE-59) in the SonicWall Connect Tunnel Windows (32 and 64 bit) client, this results in unauthorized file overwrite, potentially leading …

Apr 16, 2025
CVE-2024-40585
6.5 MEDIUM

An insertion of sensitive information into log file vulnerabilities [CWE-532] in FortiManager version 7.4.0, version 7.2.3 and below, version 7.0.8 and below, version 6.4.12 and …

Mar 14, 2025
CVE-2025-2002
6.0 MEDIUM

CWE-532: Insertion of Sensitive Information into Log Files vulnerability exists that could cause the disclosure of FTP server credentials when the FTP server is deployed, …

Mar 12, 2025
CVE-2024-37362
6.3 MEDIUM

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. (CWE-522) Hitachi Vantara Pentaho …

Feb 20, 2025
CVE-2024-12012
5.7 MEDIUM

A CWE-598 “Use of GET Request Method with Sensitive Query Strings” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. Both the SHA-1 …

Feb 13, 2025
CVE-2024-41699
4.4 MEDIUM

Priority – CWE-552: Files or Directories Accessible to External Parties

Aug 20, 2024
CVE-2024-5557
4.5 MEDIUM

CWE-532: Insertion of Sensitive Information into Log File vulnerability exists that could cause exposure of SNMP credentials when an attacker has access to the controller …

Jun 12, 2024
CVE-2024-5056
6.5 MEDIUM

CWE-552: Files or Directories Accessible to External Parties vulnerability exists which may prevent user to update the device firmware and prevent proper behavior of the …

Jun 12, 2024
CVE-2023-45594
6.8 MEDIUM

A CWE-552 “Files or Directories Accessible to External Parties” vulnerability in the embedded Chromium browser allows a physical attacker to arbitrarily download/upload files to/from the …

Mar 5, 2024

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.