The Lab · 2026-04-11 13:22:37 · GitHub Issues
A critical security vulnerability has been identified in a production codebase, where database migration scripts are logging plaintext passwords directly to console output. The flaw, classified as a P0 high-severity issue, involves two specific functions within the `server/src/db/migrations.ts` file. On line 288, the `...
The Lab · 2026-04-12 21:22:34 · GitHub Issues
Logixlysia, a software platform, has a critical information disclosure vulnerability that leaks sensitive data directly into its logs. The system's logging mechanism passes entire error objects to console output, log files, and external logging services without any sanitization or filtering. This flaw means any...
The Lab · 2026-04-16 02:22:36 · GitHub Issues
A static application security testing (SAST) scan has flagged a medium-severity vulnerability within the Apache Superset codebase, where a Python logger call risks exposing sensitive API key handling logic. The scanner detected a specific log message—"Failed to reload API key user %s with relationships; using original ...