CWE-117
Medium likelihoodImproper Output Neutralization for Logs
The product constructs a log message from external input, but it does not neutralize or incorrectly neutralizes special elements when the message is written to a log file.
90 vulnerabilities with CWE-117
CVE-2025-59784
HIGH
2N Access Commander <3.4.1 - Log Pollution
CVSS 7.2
CVE-2026-25548
CRITICAL
InvoicePlane 1.7.0 - RCE via LFI & Log Poisoning
CVSS 9.1
CVE-2025-12755
MEDIUM
IBM MQ Operator 3.2.0-3.8.1 - Log Injection
CVSS 4.0
CVE-2025-11537
MEDIUM
Keycloak - Info Disclosure
CVSS 5.0
CVE-2026-1337
MEDIUM
Neo4j < 2026.01 - XSS
CVSS 5.4
CVE-2025-66577
MEDIUM
cpp-httplib <0.27.0 - Log Poisoning
CVSS 5.3
CVE-2025-20384
MEDIUM
Splunk <10.0.1-9.2.10 - Info Disclosure
CVSS 5.3
CVE-2025-36159
MEDIUM
IBM Concert <2.0.0 - Info Disclosure
CVSS 6.2
CVE-2025-11627
MEDIUM
Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each...
CVSS 6.5
CVE-2025-36081
MEDIUM
IBM Concert Software <2.0.0 - Info Disclosure
CVSS 5.3
CVE-2025-57564
HIGH
CubeAPM nightly-2025-08-01-1 - Code Injection
CVSS 8.2
CVE-2025-58580
MEDIUM
API - Info Disclosure
CVSS 6.5
CVE-2025-10217
Asset Suite - Info Disclosure
CVE-2025-59476
MEDIUM
Jenkins <2.527 - Info Disclosure
CVSS 5.3
CVE-2025-54813
HIGH
Apache Log4cxx <1.5.0 - Info Disclosure
CVSS 7.5
CVE-2025-54812
MEDIUM
Apache Log4cxx < 1.5.0 - XSS
CVSS 5.4
CVE-2025-54389
MEDIUM
AIDE <0.19.2 - Info Disclosure
CVSS 6.2
CVE-2025-54656
MEDIUM
Apache Struts Extras <2 - Info Disclosure
CVSS 6.5
CVE-2025-49846
Wire iOS <3.124.1 - Info Disclosure
CVE-2025-48432
MEDIUM
Django <5.2.3-4.2.23 - Info Disclosure
CVSS 4.0
CVE-2024-13949
MEDIUM
ASPECT <3.* - Info Disclosure
CVSS 6.8
CVE-2025-3942
MEDIUM
Tridium Niagara <4.14.2-4.15.1-4.10.11 - Input Data Manipulation
CVSS 4.3
CVE-2025-41429
MEDIUM
a-blog cms - Session Hijacking
CVSS 4.8
CVE-2025-36625
MEDIUM
Nessus <10.8.4 - Info Disclosure
CVSS 4.3
CVE-2024-52962
MEDIUM
FortiAnalyzer <7.6.1 - Info Disclosure
CVSS 5.3
Details
Vulnerabilities
90
Exploit Likelihood
Medium