CWE-319

High likelihood

Cleartext Transmission of Sensitive Information

Parent: CWE-311 - Missing Encryption of Sensitive Data

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

882 vulnerabilities with CWE-319
CVE-2026-9741 MEDIUM
Client side encryption fails to encrypt values in a $vectorSearch
CVSS 6.5
CVE-2026-45432 HIGH
GX Earth ONT Models - Cleartext Credential Transmission
CVE-2026-8874 HIGH
Securly Chrome Extension < 3.0.7 - Unencrypted HTTP Download of Crisis Alert Keywords
CVSS 7.1
CVE-2026-36610 MEDIUM
Mercusys AC12G (EU) V1 Firmware AC12G(EU)_V1_200909 - Unauthenticated DDNS Credential Exposure via Plaintext HTTP
CVSS 5.9
CVE-2026-7666 LOW
Potential unencrypted email transmission via STARTTLS in the SMTP backend
CVSS 3.1
CVE-2026-10584 MEDIUM
HTTPS Fallback to HTTP in Graph Explorer
CVSS 5.9
CVE-2026-43625 MEDIUM
CodexBar < 0.32.0 - Cleartext Transmission of Sensitive Information via HTTP Redirect
CVSS 5.9
CVE-2026-25599 MEDIUM
Missing authentication and clear‑text data transmission affecting Orca heat pumps
CVSS 6.3
CVE-2026-34126 HIGH
Bluetooth Communication Uses Unencrypted Transmission During Initial Setup on TP-Link's Tapo L535E, P300 and D100C
CVSS 7.5
CVE-2026-48902 CRITICAL
Joomla! Core - [20260518] - Transport encryption downgrade for password and username reset links
CVSS 9.8
CVE-2026-24212 HIGH
Nvidia Isaac Launchable - Cleartext Transmission of Sensitive Information
CVSS 7.5
CVE-2026-25608 LOW
Lack of traffic encryption in STER
CVE-2026-38740 MEDIUM
Foscam VD1 <V5.3.13_1072 - Info Disclosure
CVSS 5.3
CVE-2026-41281 MEDIUM
Kddi Corporation あんしんフィルター For AU - Cleartext Transmission of Sensitive Information
CVSS 4.8
CVE-2026-6276 HIGH
curl 8.7.0-8.19.0 - Sensitive Cookie Leak via Stale Host Header
CVSS 7.5
CVE-2026-4873 MEDIUM
curl 8.7.0-8.19.0 - TLS Bypass via Connection Pool Reuse
CVSS 5.9
CVE-2026-45180 HIGH
Catalyst::Plugin::Statsd versions through 0.10.0 for Perl may leak session ids
CVSS 7.5
CVE-2026-45179 MEDIUM
Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses
CVSS 5.3
CVE-2026-32683 MEDIUM
EZVIZ APP - Information Disclosure
CVSS 5.3
CVE-2026-7610 LOW
TRENDnet TEW-821DAP Firmware Update ssi cleartext transmission
CVSS 3.7
CVE-2026-42514 HIGH
Sensitive Data Exposure Vulnerability in e-Sushrut HMIS
CVE-2026-40431 MEDIUM
SenseLive X3050 Cleartext transmission of sensitive information
CVSS 5.3
CVE-2026-41275 HIGH
Flowise: Password Reset Link Sent Over Unsecured HTTP
CVSS 7.5
CVE-2026-40045 MEDIUM
OpenClaw < 2026.4.2 - Cleartext Credential Transmission via Unencrypted WebSocket Gateway Endpoints
CVSS 5.7
CVE-2026-6066 HIGH
Unencrypted Client‑Server Communication in ConnectWise Automate™ Solution Center
CVSS 7.1
Details
Vulnerabilities 882
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits