CVE-2026-42673
7.5 HIGHInsertion of Sensitive Information Into Sent Data vulnerability in Logtivity Activity Logs Activity Logs, User Activity Tracking, Multisi...
Published: 2026-06-01 · Last updated: 2026-06-01
Severity and scoring
- CVSS
- 7.5 HIGH
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- CWE
- CWE-201
Description
Insertion of Sensitive Information Into Sent Data vulnerability in Logtivity Activity Logs Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity allows Retrieve Embedded Sensitive Data. This issue affects Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity: from n/a through 3.3.6.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-7184 — Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15 fail to sanitize the Remote Cluster API response on PATCH ope... (6.5 MEDIUM)
- CVE-2026-44487 — Axios is a promise based HTTP client for the browser and Node.js (7.5 HIGH)
- CVE-2026-46481 — OpenMetadata is a unified metadata platform (8.3 HIGH)
- CVE-2026-42539 — IRIS is a web collaborative platform that helps incident responders share technical details during investigations (6.5 MEDIUM)
- CVE-2026-45739 — Strawberry GraphQL is a library for creating GraphQL APIs (3.1 LOW)