ReportizFlow
Filtered by vendor
Subscriptions
Total
876 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-2671 | 1 Mendi | 1 Neurofeedback Headset | 2026-04-23 | 3.1 Low |
| A vulnerability was detected in Mendi Neurofeedback Headset V4. Affected by this vulnerability is an unknown functionality of the component Bluetooth Low Energy Handler. Performing a manipulation results in cleartext transmission of sensitive information. The attack can only be performed from the local network. The attack's complexity is rated as high. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-66573 | 1 Mersive | 2 Solstice Pod, Solstice Pod Firmware | 2026-04-23 | 7.5 High |
| Solstice Pod API (version 5.5, 6.2) contains an unauthenticated API endpoint (`/api/config`) that exposes sensitive information such as the session key, server version, product details, and display name. Unauthorized users can extract live session information by accessing this endpoint without authentication. | ||||
| CVE-2026-33472 | 1 Cryptomator | 1 Cryptomator | 2026-04-22 | 4.8 Medium |
| Cryptomator is an open-source client-side encryption application for cloud storage. Version 1.19.1 contains a logic flaw in CheckHostTrustController.getAuthority() that allows an attacker to bypass the security fix for CVE-2026-32303. The method hardcodes the URI scheme based on port number, causing HTTPS URLs with port 80 to produce the same authority string as HTTP URLs, which defeats both the consistency check and the HTTP block validation. An attacker with write access to a cloud-synced vault.cryptomator file can craft a Hub configuration where apiBaseUrl and authEndpoint use HTTPS with port 80 to pass auto-trust validation, while tokenEndpoint uses plaintext HTTP. The vault is auto-trusted without user prompt, and a network-positioned attacker can intercept the OAuth token exchange to access the Cryptomator Hub API as the victim. This issue has been fixed in version 1.19.2. | ||||
| CVE-2025-31981 | 1 Hcltech | 1 Bigfix Service Management | 2026-04-22 | 5.3 Medium |
| HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption due to port 80 (HTTP) being open, allowing unencrypted access. An attacker with access to the network traffic can sniff packets from the connection and uncover the data. | ||||
| CVE-2025-5270 | 1 Mozilla | 1 Firefox | 2026-04-20 | 7.5 High |
| In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability was fixed in Firefox 139 and Thunderbird 139. | ||||
| CVE-2026-1777 | 1 Amazon | 1 Sagemaker Python Sdk | 2026-04-18 | 7.2 High |
| The Amazon SageMaker Python SDK before v3.2.0 and v2.256.0 includes the ModelBuilder HMAC signing key in the cleartext response elements of the DescribeTrainingJob function. A third party with permissions to both call this API and permissions to modify objects in the Training Jobs S3 output location may have the ability to upload arbitrary artifacts which are executed the next time the Training Job is invoked. | ||||
| CVE-2026-2539 | 1 Micca Auto Electronics | 1 Car Alarm System Ke700 | 2026-04-18 | N/A |
| The RF communication protocol in the Micca KE700 car alarm system does not encrypt its data frames. An attacker with a radio interception tool (e.g., SDR) can capture the random number and counters transmitted in cleartext, which is sensitive information required for authentication. | ||||
| CVE-2026-24455 | 1 Jinan Usr Iot Technology Limited (pusr) | 1 Usr-w610 | 2026-04-18 | 7.5 High |
| The embedded web interface of the device does not support HTTPS/TLS for authentication and uses HTTP Basic Authentication. Traffic is encoded but not encrypted, exposing user credentials to passive interception by attackers on the same network. | ||||
| CVE-2026-22544 | 2026-04-18 | N/A | ||
| An attacker with a network connection could detect credentials in clear text. | ||||
| CVE-2026-22079 | 1 Tenda | 2 F3, N300 | 2026-04-18 | N/A |
| This vulnerability exists in Tenda wireless routers (300Mbps Wireless Router F3 and N300 Easy Setup Router) due to the plaintext transmission of login credentials during the initial login or post-factory reset setup through the web-based administrative interface. An attacker on the same network could exploit this vulnerability by intercepting network traffic and capturing the credentials transmitted in plaintext. Successful exploitation of this vulnerability could allow the attacker to obtain sensitive information and gain unauthorized access to the targeted device. | ||||
| CVE-2026-22080 | 1 Tenda | 2 F3, N300 | 2026-04-18 | N/A |
| This vulnerability exists in Tenda wireless routers (300Mbps Wireless Router F3 and N300 Easy Setup Router) due to the transmission of credentials encoded using reversible Base64 encoding through the web-based administrative interface. An attacker on the same network could exploit this vulnerability by intercepting network traffic and capturing the Base64-encoded credentials. Successful exploitation of this vulnerability could allow the attacker to obtain sensitive information and gain unauthorized access to the targeted device. | ||||
| CVE-2026-0767 | 2 Open-webui, Openwebui | 2 Open-webui, Open Webui | 2026-04-18 | 6.5 Medium |
| Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Open WebUI. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of credentials provided to the endpoint. The issue results from transmitting sensitive information in plaintext. An attacker can leverage this vulnerability to disclose transmitted credentials, leading to further compromise. Was ZDI-CAN-28259. | ||||
| CVE-2026-22271 | 1 Dell | 3 Ecs Streamer, Elastic Cloud Storage, Objectscale | 2026-04-18 | 7.5 High |
| Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Transmission of Sensitive Information vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to information exposure. | ||||
| CVE-2026-22274 | 1 Dell | 3 Ecs Streamer, Elastic Cloud Storage, Objectscale | 2026-04-18 | 6.5 Medium |
| Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Transmission of Sensitive Information vulnerability in the Fabric Syslog. An unauthenticated attacker with remote access could potentially exploit this vulnerability to intercept and modify information in transit. | ||||
| CVE-2026-23564 | 2 Microsoft, Teamviewer | 3 Windows, Dex, Digital Employee Experience | 2026-04-18 | 6.5 Medium |
| A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to cause normally encrypted UDP traffic to be sent in cleartext. This can result in disclosure of sensitive information. | ||||
| CVE-2026-24441 | 1 Tenda | 2 Ac7, Ac7 Firmware | 2026-04-18 | 5.9 Medium |
| Shenzhen Tenda AC7 firmware version V03.03.03.01_cn and prior expose account credentials in plaintext within HTTP responses, allowing an on-path attacker to obtain sensitive authentication material. | ||||
| CVE-2026-0714 | 1 Moxa | 71 Uc-1200a Series, Uc-1222a, Uc-1222a Firmware and 68 more | 2026-04-18 | 6.8 Medium |
| A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and attaching external equipment to the SPI bus to capture TPM communications. If successful, the captured data may allow offline decryption of eMMC contents. This attack cannot be performed through brief or opportunistic physical access and requires extended physical access, possession of the device, appropriate equipment, and sufficient time for signal capture and analysis. Remote exploitation is not possible. | ||||
| CVE-2026-31923 | 1 Apache | 1 Apisix | 2026-04-17 | 7.5 High |
| Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. This can occur due to `ssl_verify` in openid-connect plugin configuration being set to false by default. This issue affects Apache APISIX: from 0.7 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which fixes the issue. | ||||
| CVE-2026-31924 | 1 Apache | 1 Apisix | 2026-04-17 | 5.3 Medium |
| Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. tencent-cloud-cls log export uses plaintext HTTP This issue affects Apache APISIX: from 2.99.0 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which fixes the issue. | ||||
| CVE-2026-27752 | 3 Shenzhen Hongyavision Technology Co, Sodola-network, Sodolanetworks | 4 Sodola Sl902-swtgw124as, Sl902-swtgw124as, Sl902-swtgw124as Firmware and 1 more | 2026-04-16 | 5.9 Medium |
| SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 transmit authentication credentials over unencrypted HTTP, allowing attackers to capture credentials. An attacker positioned to observe network traffic between a user and the device can intercept credentials and reuse them to gain administrative access to the gateway. | ||||