CWE-532
AllowedInsertion of Sensitive Information into Log File
Abstraction: Base · Status: Incomplete
The product writes sensitive information to a log file.
1739 vulnerabilities reference this CWE, most recent first.
GHSA-P7F2-6479-84WX
Vulnerability from github – Published: 2026-04-16 21:31 – Updated: 2026-04-16 21:31Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an insertion of sensitive information into log file vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.
{
"affected": [],
"aliases": [
"CVE-2025-43937"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-16T19:16:32Z",
"severity": "MODERATE"
},
"details": "Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an insertion of sensitive information into log file vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.",
"id": "GHSA-p7f2-6479-84wx",
"modified": "2026-04-16T21:31:13Z",
"published": "2026-04-16T21:31:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43937"
},
{
"type": "WEB",
"url": "https://www.dell.com/support/kbdoc/en-us/000376214/dsa-2025-347-security-update-for-dell-powerscale-onefs-multiple-vulnerabilities"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-P83H-G6JW-GH8F
Vulnerability from github – Published: 2025-01-03 06:32 – Updated: 2025-01-03 09:30iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file. This can occur for certain it2ssh and SSH Integration configurations, during remote logins to hosts that have a common Python installation.
{
"affected": [],
"aliases": [
"CVE-2025-22275"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-03T05:15:08Z",
"severity": "CRITICAL"
},
"details": "iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file. This can occur for certain it2ssh and SSH Integration configurations, during remote logins to hosts that have a common Python installation.",
"id": "GHSA-p83h-g6jw-gh8f",
"modified": "2025-01-03T09:30:47Z",
"published": "2025-01-03T06:32:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22275"
},
{
"type": "WEB",
"url": "https://gitlab.com/gnachman/iterm2/-/wikis/SSH-Integration-Information-Leak"
},
{
"type": "WEB",
"url": "https://iterm2.com/downloads/stable/iTerm2-3_5_11.changelog"
},
{
"type": "WEB",
"url": "https://news.ycombinator.com/item?id=42579472"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-P868-FP4Q-W4HX
Vulnerability from github – Published: 2024-09-10 12:30 – Updated: 2024-09-10 12:30A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2). The affected application inserts sensitive information into a log file which is readable by all legitimate users of the underlying system. This could allow an authenticated attacker to compromise the confidentiality of other users' configuration data.
{
"affected": [],
"aliases": [
"CVE-2024-42344"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-10T10:15:12Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been identified in SINEMA Remote Connect Client (All versions \u003c V3.2 SP2). The affected application inserts sensitive information into a log file which is readable by all legitimate users of the underlying system. This could allow an authenticated attacker to compromise the confidentiality of other users\u0027 configuration data.",
"id": "GHSA-p868-fp4q-w4hx",
"modified": "2024-09-10T12:30:38Z",
"published": "2024-09-10T12:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42344"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-417159.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-P8RH-8MH7-W4XH
Vulnerability from github – Published: 2024-10-14 18:30 – Updated: 2024-10-14 18:30In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users. This exposure could happen when you configure the Splunk Enterprise AdminManager log channel at the DEBUG logging level.
{
"affected": [],
"aliases": [
"CVE-2024-45739"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-14T17:15:12Z",
"severity": "MODERATE"
},
"details": "In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users. This exposure could happen when you configure the Splunk Enterprise AdminManager log channel at the DEBUG logging level.",
"id": "GHSA-p8rh-8mh7-w4xh",
"modified": "2024-10-14T18:30:25Z",
"published": "2024-10-14T18:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45739"
},
{
"type": "WEB",
"url": "https://advisory.splunk.com/advisories/SVD-2024-1009"
},
{
"type": "WEB",
"url": "https://research.splunk.com/application/93dc7182-c5da-4085-82ec-401abf33d623"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-P999-J4HQ-PMJ3
Vulnerability from github – Published: 2025-04-09 00:30 – Updated: 2025-04-09 00:30Improper restriction of environment variables in Elastic Defend can lead to exposure of sensitive information such as API keys and tokens via automatic transmission of unfiltered environment variables to the stack.
{
"affected": [],
"aliases": [
"CVE-2025-25013"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-08T23:15:45Z",
"severity": "MODERATE"
},
"details": "Improper restriction of environment variables in Elastic Defend can lead to exposure of sensitive information such as API keys and tokens via automatic transmission of unfiltered environment variables to the stack.",
"id": "GHSA-p999-j4hq-pmj3",
"modified": "2025-04-09T00:30:27Z",
"published": "2025-04-09T00:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25013"
},
{
"type": "WEB",
"url": "https://discuss.elastic.co/t/elastic-defend-8-17-3-security-update-esa-2025-05/376921"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PC23-4MQ4-C95V
Vulnerability from github – Published: 2026-06-02 18:31 – Updated: 2026-06-02 18:31A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main server to access the Server Admin credentials. A third party hired by Genetec found the issue. There is currently no evidence of active exploitation.
This vulnerability is associated with specific installation package builds rather than the product version identifier alone. Certain versions (including 5.10.4.0, 5.11.3.0, 5.12.2.0 and 5.13.3.0) were released with both vulnerable and remediated installation packages under the same version number.
Consequently, version-based comparison alone is insufficient to determine exposure. Only installations performed using vulnerable builds are affected. Remediated builds can be distinguished using verified installation package hashes. For the complete list of fixed build hashes, refer to the security advisory section.
{
"affected": [],
"aliases": [
"CVE-2026-40619"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-02T16:16:39Z",
"severity": "HIGH"
},
"details": "A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main server to access the Server Admin credentials. A third party hired by Genetec found the issue. There is currently no evidence of active exploitation.\n\nThis vulnerability is associated with specific installation package builds rather than the product version identifier alone. Certain versions (including 5.10.4.0, 5.11.3.0, 5.12.2.0 and 5.13.3.0) were released with both vulnerable and remediated installation packages under the same version number.\n\nConsequently, version-based comparison alone is insufficient to determine exposure. Only installations performed using vulnerable builds are affected. Remediated builds can be distinguished using verified installation package hashes. For the complete list of fixed build hashes, refer to the security advisory section.",
"id": "GHSA-pc23-4mq4-c95v",
"modified": "2026-06-02T18:31:31Z",
"published": "2026-06-02T18:31:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40619"
},
{
"type": "WEB",
"url": "https://resources.genetec.com/security-advisories/vulnerability-affecting-security-center-systems-main-server-installations"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PFM2-2MHG-8WPX
Vulnerability from github – Published: 2026-04-23 14:31 – Updated: 2026-05-13 13:33Impact
When n8n-mcp runs in HTTP transport mode, incoming requests to the POST /mcp endpoint had their request metadata written to server logs regardless of the authentication outcome. In deployments where logs are collected, forwarded to external systems, or viewable outside the request trust boundary (shared log storage, SIEM pipelines, support/ops access), this can result in disclosure of:
- bearer tokens from the
Authorizationheader - per-tenant API keys from the
x-n8n-keyheader in multi-tenant setups - JSON-RPC request payloads sent to the MCP endpoint
Access control itself was not bypassed — unauthenticated requests were correctly rejected with 401 Unauthorized — but sensitive values from those rejected requests could still be persisted in logs.
Impact category: CWE-532 (Insertion of Sensitive Information into Log File).
Affected
Deployments running n8n-mcp v2.47.10 or earlier in HTTP transport mode (MCP_MODE=http). The stdio transport is not affected.
Patched
v2.47.11 and later.
- npm:
npx n8n-mcp@latest(or pin to>= 2.47.11) - Docker:
docker pull ghcr.io/czlonkowski/n8n-mcp:latest
Workarounds
If users cannot upgrade immediately:
- Restrict network access to the HTTP port (firewall, reverse proxy, or VPN) so only trusted clients can reach the endpoint.
- Switch to stdio transport (
MCP_MODE=stdio, the default for CLI invocation), which has no HTTP surface.
Credit
n8n-MCP thanks @S4nso (Organization / Jormungandr) for reporting this issue.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "n8n-mcp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.47.11"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-41495"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-23T14:31:46Z",
"nvd_published_at": "2026-05-08T20:16:30Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nWhen `n8n-mcp` runs in HTTP transport mode, incoming requests to the `POST /mcp` endpoint had their request metadata written to server logs regardless of the authentication outcome. In deployments where logs are collected, forwarded to external systems, or viewable outside the request trust boundary (shared log storage, SIEM pipelines, support/ops access), this can result in disclosure of:\n\n- bearer tokens from the `Authorization` header\n- per-tenant API keys from the `x-n8n-key` header in multi-tenant setups\n- JSON-RPC request payloads sent to the MCP endpoint\n\nAccess control itself was not bypassed \u2014 unauthenticated requests were correctly rejected with `401 Unauthorized` \u2014 but sensitive values from those rejected requests could still be persisted in logs.\n\nImpact category: **CWE-532** (Insertion of Sensitive Information into Log File).\n\n### Affected\n\nDeployments running n8n-mcp **v2.47.10 or earlier** in HTTP transport mode (`MCP_MODE=http`). The stdio transport is not affected.\n\n### Patched\n\n**v2.47.11** and later.\n\n- npm: `npx n8n-mcp@latest` (or pin to `\u003e= 2.47.11`)\n- Docker: `docker pull ghcr.io/czlonkowski/n8n-mcp:latest`\n\n### Workarounds\n\nIf users cannot upgrade immediately:\n\n- Restrict network access to the HTTP port (firewall, reverse proxy, or VPN) so only trusted clients can reach the endpoint.\n- Switch to stdio transport (`MCP_MODE=stdio`, the default for CLI invocation), which has no HTTP surface.\n\n### Credit\n\nn8n-MCP thanks [@S4nso](https://github.com/S4nso) (Organization / Jormungandr) for reporting this issue.",
"id": "GHSA-pfm2-2mhg-8wpx",
"modified": "2026-05-13T13:33:57Z",
"published": "2026-04-23T14:31:46Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/czlonkowski/n8n-mcp/security/advisories/GHSA-pfm2-2mhg-8wpx"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41495"
},
{
"type": "PACKAGE",
"url": "https://github.com/czlonkowski/n8n-mcp"
},
{
"type": "WEB",
"url": "https://github.com/czlonkowski/n8n-mcp/releases/tag/v2.47.11"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "n8n-MCP Logs Sensitive Request Data on Unauthorized /mcp Requests"
}
GHSA-PFVH-3W7H-4375
Vulnerability from github – Published: 2025-01-14 18:32 – Updated: 2025-01-14 18:32Windows Kernel Memory Information Disclosure Vulnerability
{
"affected": [],
"aliases": [
"CVE-2025-21321"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-14T18:15:56Z",
"severity": "MODERATE"
},
"details": "Windows Kernel Memory Information Disclosure Vulnerability",
"id": "GHSA-pfvh-3w7h-4375",
"modified": "2025-01-14T18:32:04Z",
"published": "2025-01-14T18:32:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21321"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21321"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PG5P-WWP8-97G8
Vulnerability from github – Published: 2023-04-19 18:16 – Updated: 2023-04-19 18:16Impact
When run in debug mode, Cilium may log sensitive information.
In particular, Cilium running in debug mode will log the values of headers if they match HTTP network policy rules. This issue affects Cilium versions:
- 1.7. to 1.10. inclusive
- 1.11.* before 1.11.16
- 1.12.* before 1.12.9
- 1.13.* before 1.13.2
In addition, Cilium 1.12. before 1.12.9 and 1.13. before 1.13.2., when running in debug mode, might log secrets used by the Cilium agent. This includes TLS private keys for Ingress and GatewayAPI resources, depending on the configuration of the affected cluster. Output of the confidential data would occur at Cilium agent restart, when the secrets are modified, and on creation of Ingress or GatewayAPI resources.
Patches
This vulnerability is fixed in Cilium releases 1.11.16, 1.12.9, and 1.13.2.
Workarounds
Disable debug mode.
Acknowledgements
The Cilium community has worked together with members of Isovalent to prepare these mitigations. Special thanks to @meyskens for investigating and fixing the issue.
For more information
If you have any questions or comments about this advisory, please reach out on Slack.
As usual, if you think you found a related vulnerability, we strongly encourage you to report security vulnerabilities to our private security mailing list: security@cilium.io - first, before disclosing them in any public forums. This is a private mailing list where only members of the Cilium internal security team are subscribed to, and is treated as top priority.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/cilium/cilium"
},
"ranges": [
{
"events": [
{
"introduced": "1.7.0"
},
{
"last_affected": "1.10.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/cilium/cilium"
},
"ranges": [
{
"events": [
{
"introduced": "1.11.0"
},
{
"fixed": "1.11.16"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/cilium/cilium"
},
"ranges": [
{
"events": [
{
"introduced": "1.12.0"
},
{
"fixed": "1.12.9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/cilium/cilium"
},
"ranges": [
{
"events": [
{
"introduced": "1.13.0"
},
{
"fixed": "1.13.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-29002"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2023-04-19T18:16:51Z",
"nvd_published_at": "2023-04-18T22:15:07Z",
"severity": "HIGH"
},
"details": "### Impact\n\nWhen run in debug mode, Cilium may log sensitive information.\n\nIn particular, Cilium running in debug mode will log the values of headers if they match HTTP network policy rules. This issue affects Cilium versions:\n\n- 1.7.* to 1.10.* inclusive\n- 1.11.* before 1.11.16\n- 1.12.* before 1.12.9\n- 1.13.* before 1.13.2\n\nIn addition, Cilium 1.12.* before 1.12.9 and 1.13.* before 1.13.2., when running in debug mode, might log secrets used by the Cilium agent. This includes TLS private keys for Ingress and GatewayAPI resources, depending on the configuration of the affected cluster. Output of the confidential data would occur at Cilium agent restart, when the secrets are modified, and on creation of Ingress or GatewayAPI resources.\n\n### Patches\n\nThis vulnerability is fixed in Cilium releases 1.11.16, 1.12.9, and 1.13.2.\n\n### Workarounds\nDisable debug mode.\n\n### Acknowledgements\nThe Cilium community has worked together with members of Isovalent to prepare these mitigations. Special thanks to @meyskens for investigating and fixing the issue.\n\n### For more information\nIf you have any questions or comments about this advisory, please reach out on [Slack](https://docs.cilium.io/en/latest/community/community/#slack).\n\nAs usual, if you think you found a related vulnerability, we strongly encourage you to report security vulnerabilities to our private security mailing list: [security@cilium.io](mailto:security@cilium.io) - first, before disclosing them in any public forums. This is a private mailing list where only members of the Cilium internal security team are subscribed to, and is treated as top priority.\n",
"id": "GHSA-pg5p-wwp8-97g8",
"modified": "2023-04-19T18:16:51Z",
"published": "2023-04-19T18:16:51Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/cilium/cilium/security/advisories/GHSA-pg5p-wwp8-97g8"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29002"
},
{
"type": "PACKAGE",
"url": "https://github.com/cilium/cilium"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Debug mode leaks confidential data in Cilium"
}
GHSA-PGF8-2HGJ-GRQG
Vulnerability from github – Published: 2026-05-07 00:05 – Updated: 2026-05-14 20:32Summary
When the Vercel CLI runs in non-interactive mode (--non-interactive or auto-detected AI agent), commands that cannot complete autonomously emit JSON payloads with suggested follow-up commands. If the user authenticated via --token or -t on the command line, the token value is included verbatim in those suggestions.
Conditions
All three must be true for the token to appear in output:
- Token passed as a CLI argument (
--token/-t). TheVERCEL_TOKENenvironment variable is not affected. - Non-interactive mode is active (explicit flag or AI agent auto-detection).
- The command cannot complete on its own (e.g. missing
--yes, ambiguous scope, API errors). Successful commands produce no suggestion output.
Impact
The plaintext token may be captured in CI/CD logs, agent transcripts, or other automation output.
Remediation
- Upgrade to the patched version.
- If developers have previously used
--tokenwith--non-interactivein their applications, review logs for exposed tokens and rotate them. - Prefer
VERCEL_TOKENenvironment variable for authentication.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 52.0.0"
},
"package": {
"ecosystem": "npm",
"name": "vercel"
},
"ranges": [
{
"events": [
{
"introduced": "50.16.0"
},
{
"fixed": "52.0.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-44479"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-532"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-07T00:05:20Z",
"nvd_published_at": "2026-05-13T16:16:58Z",
"severity": "MODERATE"
},
"details": "# Summary\n\nWhen the Vercel CLI runs in non-interactive mode (`--non-interactive` or auto-detected AI agent), commands that cannot complete autonomously emit JSON payloads with suggested follow-up commands. If the user authenticated via `--token` or `-t` on the command line, the token value is included verbatim in those suggestions.\n\n# Conditions\n\nAll three must be true for the token to appear in output:\n\n1. Token passed as a CLI argument (`--token` / `-t`). The `VERCEL_TOKEN` environment variable is **not affected**.\n2. Non-interactive mode is active (explicit flag or AI agent auto-detection).\n3. The command cannot complete on its own (e.g. missing `--yes`, ambiguous scope, API errors). Successful commands produce no suggestion output.\n\n## Impact\n\nThe plaintext token may be captured in CI/CD logs, agent transcripts, or other automation output.\n\n## Remediation\n\n- Upgrade to the patched version.\n- If developers have previously used `--token` with `--non-interactive` in their applications, review logs for exposed tokens and rotate them.\n- Prefer `VERCEL_TOKEN` environment variable for authentication.",
"id": "GHSA-pgf8-2hgj-grqg",
"modified": "2026-05-14T20:32:07Z",
"published": "2026-05-07T00:05:20Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/vercel/vercel/security/advisories/GHSA-pgf8-2hgj-grqg"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44479"
},
{
"type": "PACKAGE",
"url": "https://github.com/vercel/vercel"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Vercel: Non-interactive mode includes CLI arguments in suggested command output"
}
Mitigation
Consider seriously the sensitivity of the information written into log files. Do not write secrets into the log files.
Mitigation
Remove debug log files before deploying the application into production.
Mitigation
Protect log files against unauthorized read/write.
Mitigation
Adjust configurations appropriately when software is transitioned from a debug state to production.
CAPEC-215: Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash.