8.7
CVE-2026-25813
- EPSS 0.26%
- Veröffentlicht 09.02.2026 21:04:46
- Zuletzt bearbeitet 18.02.2026 20:10:30
- Quelle security-advisories@github.com
- CVE-Watchlists
- Unerledigt
LoginPlaciPy Exposes Sensitive Data via Application Logs
PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, The application logs highly sensitive data directly to console output without masking or redaction.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Prasklatechnology ≫ Placipy Version1.0.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.26% | 0.167 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| security-advisories@github.com | 8.7 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-532 Insertion of Sensitive Information into Log File
The product writes sensitive information to a log file.
https://github.com/Praskla-Technology/assessment-placipy/security/advisories/GHSA-3647-q595-wfr2