Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-312

CWE-312

Cleartext Storage of Sensitive Information

Parent: CWE-311 - Missing Encryption of Sensitive Data

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

804 vulnerabilities with CWE-312

CVE-2026-34214 HIGH

Trino: Iceberg REST catalog static and vended credentials are accessible via query JSON

CVE-2026-33026 CRITICAL

nginx-ui Backup Restore Allows Tampering with Encrypted Backups

CVE-2026-33867 HIGH

AVideo has Plaintext Video Password Storage

CVE-2026-27877 MEDIUM

Public dashboards discloses all direct mode datasources

CVE-2026-4346 MEDIUM

Cleartext Storage of Administrative and Wi-Fi Credentials via Accessible Serial Interface in TP Link's TL-WR850N

CVE-2026-33512 HIGH

WWBN AVideo <=26.0 - Info Disclosure

CVE-2026-31848 CRITICAL

Reversible ecos_pw cookie allows administrative authentication in Nexxt Nebula 300+

CVE-2026-33003 MEDIUM

Jenkins LoadNinja Plugin <=2.1 - Info Disclosure

CVE-2026-32842 MEDIUM

Edimax GS-5008PL <= 1.00.54 Admin Credentials Stored in Cleartext

CVE-2026-24311 MEDIUM

SAP Customer Checkout - Memory Corruption

CVE-2026-3277 MEDIUM

PowerShell Universal <2026.1.3 - Info Disclosure

CVE-2026-3221 MEDIUM

Devolutions Server <2025.3.14 - Info Disclosure

CVE-2026-27520 HIGH

Binardat 10G08-0800GSM <V300SP10260209 - Info Disclosure

CVE-2026-23655 MEDIUM

Azure Compute Gallery - Info Disclosure

CVE-2026-24319 MEDIUM

SAP Business One - Cleartext Storage of Sensitive Information in Memory

CVE-2026-25751 HIGH

FUXA < 1.2.10 - Unauthenticated Information Disclosure of Database Credentials

CVE-2026-22276 MEDIUM

Dell ECS <3.8.1.7 & Dell ObjectScale <4.2.0.0 - Info Disclosure

CVE-2026-22240 HIGH

BLUVOYIX - Unauthenticated Exposure of Sensitive Information via Users API

CVE-2025-14815 CRITICAL

Information Disclosure, Tampering, and Denial-of-Service Vulnerabilities in GENESIS64, ICONICS Suite, MobileHMI, Hyper Historian, AnalytiX, GENESIS, and MC Works64

CVE-2025-55717 MEDIUM

Fortinet FortiMail/FortiRecorder/FortiVoice - Info Disclosure

CVE-2025-36105 MEDIUM

IBM Planning Analytics Advanced 3.1.0-3.1.4 - Info Disclosure

CVE-2025-70050 MEDIUM

lesspass v9.6.9 - Cleartext Storage of Sensitive Information

CVE-2025-47147 MEDIUM

Command Centre Mobile Client <9.40.123 - Info Disclosure

CVE-2025-10464 MEDIUM

Birtech Senseway <09022026 - Info Disclosure

CVE-2025-33081 LOW

IBM Concert <2.1.0 - Info Disclosure

Previous Page 2 of 33 Next

Details

Vulnerabilities 804

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy