CWE-526: CWE-526
Yearly Trend
Top Affected Vendors
All CWE-526 CVEs (7)
This vulnerability in Quarkus allows attackers to access sensitive build system information that remains in artifacts created with the Gradle plugin. ...
Nov 15, 2023OpenC3 COSMOS versions before 6.0.2 expose service credentials as environment variables in all containers, allowing attackers to access sensitive auth...
Jun 13, 2025IBM Storage Virtualize vSphere Remote Plug-in versions 1.0 and 1.1 expose sensitive credential information to remote users after deployment. This vuln...
Mar 21, 2025IBM Controller and Cognos Controller versions store sensitive information unencrypted in environmental variables files, allowing authenticated users t...
Dec 8, 2025This vulnerability in Tap&Sign App allows attackers to exploit weak password recovery mechanisms and access sensitive information stored in cleartext ...
Mar 10, 2025IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 exposes sensitive information through an environment variable. This information disclosure could p...
Feb 17, 2026This vulnerability in Keycloak's realm import functionality allows attackers to inject malicious content via crafted realm documents that reference en...
Aug 21, 2025About CWE-526 (CWE-526)
Our database tracks 7 CVEs classified as CWE-526, with 0 rated critical and 2 rated high severity. The average CVSS score for CWE-526 vulnerabilities is 6.5.
External reference: View CWE-526 on MITRE CWE →
Monitor CWE-526 Vulnerabilities
Get alerted when new CWE-526 CVEs affect your infrastructure.
Start Monitoring Free