CWE-1295: CWE-1295

Total CVEs

Critical

High

6.6

Avg CVSS

Yearly Trend

2026

2025

2024

Top Affected Vendors

1 Fortinet 1

2 Google 1

3 Apache 1

All CWE-1295 CVEs (7)

CVE-2024-38516

8.8

This vulnerability in ai-client-html, an Aimeos e-commerce HTML client component, exposes sensitive environment variable information in error logs whe...

Jun 25, 2024

CVE-2024-45784

7.5

Apache Airflow versions before 2.10.3 contain a vulnerability where sensitive configuration variables (secrets) can be exposed in task logs. This allo...

Nov 15, 2024

CVE-2025-2877

6.5

This vulnerability in Ansible Automation Platform's Event-Driven Ansible exposes inventory passwords in plain text when debug verbosity is enabled dur...

Mar 28, 2025

CVE-2025-12910

6.2

A vulnerability in Google Chrome's Passkeys implementation allowed local attackers to access potentially sensitive information through debug logs. Thi...

Nov 8, 2025

CVE-2025-46775

5.5

A debug information disclosure vulnerability in Fortinet FortiExtender allows authenticated users to obtain administrator credentials through debug lo...

Nov 18, 2025

CVE-2024-11217

4.9

This vulnerability exposes OAuth2 client secrets in debug-level logs when using OIDC, GitHub, GitLab, or Google identity providers. Attackers with acc...

Nov 15, 2024

CVE-2025-59109

N/A

The dormakaba PIN Pad Units 9002 have an exposed UART hardware interface that transmits every button press, including PIN codes, in plaintext. An atta...

Jan 26, 2026

About CWE-1295 (CWE-1295)

Our database tracks 7 CVEs classified as CWE-1295, with 0 rated critical and 2 rated high severity. The average CVSS score for CWE-1295 vulnerabilities is 6.6.

External reference: View CWE-1295 on MITRE CWE →

Monitor CWE-1295 Vulnerabilities

Get alerted when new CWE-1295 CVEs affect your infrastructure.

Start Monitoring Free