CWE-319

High likelihood

Cleartext Transmission of Sensitive Information

Parent: CWE-311 - Missing Encryption of Sensitive Data

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

882 vulnerabilities with CWE-319
CVE-2026-33569 MEDIUM
Anviz Products Cleartext Transmission of Sensitive Information
CVSS 6.5
CVE-2026-33472 MEDIUM
Cryptomator 1.19.1 - OAuth Token Exchange HTTP Downgrade
CVSS 4.8
CVE-2026-22155 MEDIUM
FortiSOAR 7.3-7.6 - Cleartext Transmission of Sensitive Information
CVSS 6.5
CVE-2026-21742 MEDIUM
Fortinet FortiSOAR PaaS <7.6.2 - Info Disclosure
CVSS 5.7
CVE-2026-31924 MEDIUM
Apache APISIX: Plugin tencent-cloud-cls log export uses plaintext HTTP
CVSS 5.3
CVE-2026-31923 HIGH
Apache APISIX: Openid-connect `tls_verify` field is disabled by default
CVSS 7.5
CVE-2026-4820 MEDIUM
IBM Maximo Application Suite was vulnerable to because Cookie ltpatoken2_<workspace_name> was not set with secure flag
CVSS 4.3
CVE-2026-5115 HIGH
Session hijacking in PaperCut NG/MF embedded application for Konica Minolta devices
CVSS 7.5
CVE-2026-5119 MEDIUM
Libsoup: libsoup: information disclosure via cleartext transmission of cookies during https tunnel establishment
CVSS 5.9
CVE-2026-1014 MEDIUM
IBM InfoSphere Information Server is vulnerable due to disclosure of sensitive information
CVSS 6.5
CVE-2026-20115 MEDIUM
Cisco IOS XE Software <17.14.1 - Info Disclosure
CVSS 6.1
CVE-2026-4584 LOW
Shenzhen HCC Technology MPOS M6 PLUS Cardholder Data cleartext transmission
CVSS 3.1
CVE-2026-24060 CRITICAL
Automated Logic WebCTRL Premium Server Cleartext Transmission of Sensitive Information
CVSS 9.1
CVE-2026-32309 HIGH
Cryptomator: Hub unlocking accepts plaintext HTTP and unvalidated endpoint schemes
CVSS 7.5
CVE-2026-32838 HIGH
Edimax GS-5008PL <= 1.00.54 Transmits Credentials Over Cleartext HTTP
CVSS 7.5
CVE-2026-32745 MEDIUM
JetBrains Datalore <2026.1 - Session Hijacking
CVSS 6.3
CVE-2026-23662 HIGH
Azure IoT Explorer < 0.15.13 - Unauthenticated Information Disclosure
CVSS 7.5
CVE-2026-23661 HIGH
Azure IoT Explorer - Info Disclosure
CVSS 7.5
CVE-2026-2671 LOW
Mendi Neurofeedback Headset V4 - Info Disclosure
CVSS 3.1
CVE-2026-30796 HIGH
RustDesk Server Pro <1.7.5 - Info Disclosure
CVSS 7.5
CVE-2026-30795 HIGH
RustDesk Client <=1.4.5 - Info Disclosure
CVSS 7.5
CVE-2026-20801 MEDIUM
Gallagher NxWitness VMS and Hanwha VMS Integrations - Cleartext Transmission of Sensitive Information
CVSS 5.6
CVE-2026-27752 MEDIUM
SODOLA SL902-SWTGW124AS <200.1.20 - Info Disclosure
CVSS 5.9
CVE-2026-24455 HIGH
Device Web Interface - Info Disclosure
CVSS 7.5
CVE-2026-2539 MEDIUM
Micca Car Alarm System KE700 - Cleartext Transmission of Sensitive Information via RF Communication Protocol
Details
Vulnerabilities 882
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits