Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-312

CWE-312

Cleartext Storage of Sensitive Information

Parent: CWE-311 - Missing Encryption of Sensitive Data

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

786 vulnerabilities with CWE-312

CVE-2026-7163 MEDIUM

Assisted-service: assisted-service: authenticated users can gain administrative access to openshift clusters via credential disclosure

CVE-2026-41385 MEDIUM

OpenClaw < 2026.3.31 - Nostr Private Key Exposure via config.get Redaction Bypass

CVE-2026-6796 MEDIUM

Sanluan PublicCMS Failed Login LoginAdminController.java log_login cleartext storage in file

CVE-2026-6553 HIGH

TYPO3 CMS Stores Cleartext Password in User Settings Module

CVE-2026-6598 MEDIUM

langflow-ai langflow Project Creation Endpoint projects.py encrypt_auth_settings cleartext storage in file

CVE-2026-35644 MEDIUM

OpenClaw < 2026.3.22 - Credential Exposure via baseUrl Fields in Gateway Snapshots

CVE-2026-39943 MEDIUM

Directus exposes sensitive fields in revision history

CVE-2026-5531 MEDIUM

SourceCodester Student Result Management System HTTP GET Request login_credentials.txt cleartext storage in file

CVE-2026-34833 HIGH

Bulwark Webmail: Information Exposure: password returned in /api/auth/session

CVE-2026-34214 HIGH

Trino: Iceberg REST catalog static and vended credentials are accessible via query JSON

CVE-2026-33026 CRITICAL

nginx-ui Backup Restore Allows Tampering with Encrypted Backups

CVE-2026-33867 HIGH

AVideo has Plaintext Video Password Storage

CVE-2026-4346 MEDIUM

Cleartext Storage of Administrative and Wi-Fi Credentials via Accessible Serial Interface in TP Link's TL-WR850N

CVE-2026-33512 HIGH

WWBN AVideo <=26.0 - Info Disclosure

CVE-2026-31848 CRITICAL

Reversible ecos_pw cookie allows administrative authentication in Nexxt Nebula 300+

CVE-2026-33003 MEDIUM

Jenkins LoadNinja Plugin <=2.1 - Info Disclosure

CVE-2026-32842 MEDIUM

Edimax GS-5008PL <= 1.00.54 Admin Credentials Stored in Cleartext

CVE-2026-24311 MEDIUM

SAP Customer Checkout - Memory Corruption

CVE-2026-3277 MEDIUM

PowerShell Universal <2026.1.3 - Info Disclosure

CVE-2026-3221 MEDIUM

Devolutions Server <2025.3.14 - Info Disclosure

CVE-2026-27520 HIGH

Binardat 10G08-0800GSM <V300SP10260209 - Info Disclosure

CVE-2026-23655 MEDIUM

Azure Compute Gallery - Info Disclosure

CVE-2026-24319 MEDIUM

SAP Business One - Info Disclosure

CVE-2026-25751 HIGH

Frangoteam Fuxa < 1.2.10 - Missing Authentication

CVE-2026-22276 MEDIUM

Dell ECS <3.8.1.7 & Dell ObjectScale <4.2.0.0 - Info Disclosure

Page 1 of 32 Next

Details

Vulnerabilities 786

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy