Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-311

CWE-311

High likelihood

Missing Encryption of Sensitive Data

Parent: CWE-693 - Protection Mechanism Failure

The product does not encrypt sensitive or critical information before storage or transmission.

508 vulnerabilities with CWE-311

CVE-2026-53442 MEDIUM

Jenkins - Missing Encryption of Sensitive Data

CVE-2026-34486 HIGH

Apache Tomcat: Fix for CVE-2026-29146 allowed bypass of EncryptInterceptor

CVE-2026-34992 HIGH

Missing Encryption of Sensitive Data in antrea.io/antrea

CVE-2026-32891 CRITICAL

Anchorr Privilege Escalation: Jellyseerr User → Anchorr Admin via Stored XSS

CVE-2026-28678 HIGH

DSA Study Hub < 2026-02-21 - Insufficiently Protected Credentials in JWT Cookie Storage

CVE-2026-27944 CRITICAL

nginxui/nginx_ui < 2.3.3 - Unauthenticated Sensitive Data Exposure via Backup Endpoint

CVE-2025-69969 CRITICAL

SRK Powertech Pebble Prism Ultra 2.9.2 - Command Injection

CVE-2025-15548 MEDIUM

TP-Link VX800v Firmware < 800.0.18 - Missing Encryption of Sensitive Data in Web Interface

CVE-2025-65098 HIGH

typebot < 3.13.2 - Unauthenticated Credential Theft via Malicious Typebot Preview

CVE-2025-13453 MEDIUM

Lenovo ThinkPlus FU100 FU200 TU800 TSD303 - Unprotected User Data Exposure via Missing Encryption

CVE-2025-15065 MEDIUM

Kings Information & Network Co. KESS Enterprise <*.25.9.19.exe - Pr...

CVE-2025-36751 CRITICAL

Growatt ShineLan-X/MIC 3300TL-X - Info Disclosure

CVE-2025-13053 LOW

ASUSTOR Data Master 4.1.0-4.3.3.ROF1 - Missing TLS Certificate Validation in UPS Configuration

CVE-2025-65825 MEDIUM

Meatmeet Pro WiFi & Bluetooth Meat Thermometer Firmware - Unprotected Credential Exposure via Unencrypted Firmware

CVE-2025-64147 MEDIUM

Jenkins Curseforge Publisher Plugin 1.0 - Sensitive Data Exposure via Unmasked API Keys

CVE-2025-64146 MEDIUM

Jenkins Curseforge Publisher Plugin 1.0 - Unencrypted API Key Storage in config.xml

CVE-2025-64145 MEDIUM

Jenkins ByteGuard Build Actions Plugin 1.0 - Sensitive Data Exposure via Unmasked API Tokens

CVE-2025-64144 MEDIUM

Jenkins ByteGuard Build Actions Plugin 1.0 - Unencrypted API Token Storage in Job Configuration

CVE-2025-64143 MEDIUM

Jenkins OpenShift Pipeline Plugin <= 1.0.57 - Unencrypted Authorization Token Storage in config.xml

CVE-2025-48981 HIGH

CGM MEDICO 29.0-29.0.9 - Missing Encryption of Sensitive Data in DNET Protocol

CVE-2025-59410 LOW

Dragonfly < 2.1.0 - Missing Encryption of Sensitive Data via HTTP Download

CVE-2025-10227 MEDIUM

AxxonSoft Axxon One < 2.0.8 - Sensitive Data Exposure via Unencrypted Object Archive

CVE-2025-31977 MEDIUM

HCL BigFix SM - Cryptographic Weakness via Weak Encryption Algorithms

CVE-2025-48862 HIGH

Bosch Rexroth ctrlX OS Setup 1.20.0-1.20.0, 2.6.0-2.6.0, 3.6.0-3.6.1 - Unprotected User Data Exposure

CVE-2025-8763 LOW

Ruijie EG306MG 3.0(1)B11P309 - Missing Encryption

Page 1 of 21 Next

Details

Vulnerabilities 508

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy