CVE-2026-45679
6.5 MEDIUM
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard
Published: 2026-06-02 · Last updated: 2026-06-03
Severity and scoring
- CVSS: 6.5 MEDIUM
- Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
- CWE: CWE-117, CWE-532
Affected products
| Vendor | Product |
|---|---|
| opentelemetry | ebpf_instrumentation |
Description
OpenTelemetry eBPF Instrumentation (OBI) provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI exports raw Redis error text as the span status message. Because Redis error replies can contain attacker-controlled or sensitive values, this behavior can exfiltrate tokens, PII, or other confidential input into telemetry backends and inject untrusted text into downstream analysis systems. This issue has been patched in version 0.9.0.
Source: NVD
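One way to keep Redis error text out of span status messages, as an added example (not code from the OBI project or the advisory; the page does not describe how 0.9.0 implements the fix): export only the leading error-kind token of a RESP error reply and drop the free text that can echo client input. The helper `redisErrorKind`, the `REDIS_ERROR` fallback and the sample replies are assumptions constructed for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// maxCodeLen bounds the exported token; Redis error kinds are short words.
const maxCodeLen = 32

// redisErrorKind reduces a RESP error reply to its leading error-kind token
// (for example ERR, WRONGTYPE, NOAUTH) and discards the free-text remainder,
// which may echo client input. Hypothetical helper, not OBI's API.
func redisErrorKind(reply string) string {
	s := strings.TrimPrefix(reply, "-") // RESP simple-error marker
	// Cut at the first whitespace: everything after it is free text.
	if i := strings.IndexAny(s, " \r\n\t"); i >= 0 {
		s = s[:i]
	}
	if s == "" || len(s) > maxCodeLen {
		return "REDIS_ERROR"
	}
	// Allowlist A-Z only, so no control characters, digits or punctuation
	// can reach the span status message (CWE-117) and token-like values
	// embedded in the reply are not exported (CWE-532).
	for _, r := range s {
		if r < 'A' || r > 'Z' {
			return "REDIS_ERROR"
		}
	}
	return s
}

func main() {
	// Constructed sample replies, not captured from a real deployment.
	samples := []string{
		"-WRONGTYPE Operation against a key holding the wrong kind of value\r\n",
		"-ERR unknown command 'AUTH', with args beginning with: 's3cr3t-token'\r\n",
		"-ERR\r\nlevel=info msg=\"forged entry\"\r\n",
		"-err_token=abc123 leaked\r\n",
	}
	for _, s := range samples {
		fmt.Printf("%-12s <- %q\n", redisErrorKind(s), s)
	}
}
```

Matching the token against a fixed list of error kinds the deployment expects would be stricter still; the character allowlist here only guarantees a short, uppercase, single-line value.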
References
- NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-45679
- Other: https://github.com/open-telemetry/opentelemetry-ebpf-instrumentation/releases/tag/v0.9.0
- Vendor advisory: https://github.com/open-telemetry/opentelemetry-ebpf-instrumentation/security/advisories/GHSA-8rrq-wcg8-cv5q
Related CVEs
Same vendor
- CVE-2026-45686 — OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard (7.5 HIGH)
- CVE-2026-45685 — OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard (7.5 HIGH)
- CVE-2026-45684 — OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard (4.9 MEDIUM)
- CVE-2026-45683 — OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard (3.8 LOW)
- CVE-2026-45682 — OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard (5.1 MEDIUM)
Same CWE
- CVE-2026-0267 — An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured p...
- CVE-2026-20260 — In Splunk SOAR (Security Orchestration, Automation, and Response) versions below 8.5.0, an unauthenticated attacker could inject American... (4.3 MEDIUM)
- CVE-2026-45565 — Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers (8.1 HIGH)
- CVE-2026-9751 — The ldapQueryPassword parameter, when set through the runtime setParameter command, will log the new password to the mongod.log file in p... (5.5 MEDIUM)
- CVE-2026-9735 — MongoDB server may log authentication parameters, including credentials, to the server log during SASL authentication (5.5 MEDIUM)