CVE-2026-24308
Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5 and 3.9.4 on all platforms allows an attacker to expose sens
CVSS
7.5
High
EPSS
1.2%
p64
KEV
—
Exploit Today
19
0-100
Published: Mar 7, 2026 · Last modified: Jul 15, 2026 · CWE-532 · CWE-117
1.1%EPSS · 30 days1.2%
2026-06-302026-07-16
Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5 and 3.9.4 on all platforms allows an attacker to expose sensitive information stored in client configuration in the client's logfile. Configuration values are exposed at INFO level logging rendering potential production systems affected by the issue. Users are recommended to upgrade to version 3.8.6 or 3.9.5 which fixes this issue.
- lists.apache.orghttps://lists.apache.org/thread/qng3rtzv2pqkmko4rhv85jfplkyrgqdr
- www.openwall.comhttp://www.openwall.com/lists/oss-security/2026/03/07/5
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:10184
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:14272
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:14276
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:34608
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:8509
- access.redhat.comhttps://access.redhat.com/security/cve/CVE-2026-24308
- bugzilla.redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=2445451
- security.access.redhat.comhttps://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24308.json
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2023-432617.5 HIG99.0%
——30An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components.8dCVE-2026-227789.8 CRI88.9%
——27vLLM is an inference and serving engine for large language models (LLMs). From 0.8.3 to before 0.14.1, when an invalid image is sent to vLLM's multimodal endpoint, PIL throws an error. vLLM returns this error to the client, leaking a heap address. With this leak, we reduce ASLR from 4 billion guesses to ~8 guesses. This vulnerability can be chained a heap overflow with JPEG2000 decoder in OpenCV/FFmpeg to achieve remote code execution. This vulnerability is fixed in 0.14.1.2dCVE-2017-176755.3 MED54.4%
——16BMC Remedy Mid Tier 9.1SP3 is affected by log hijacking. Remote logging can be accessed by unauthenticated users, allowing for an attacker to hijack the system logs. This data can include user names and HTTP data.8dCVE-2024-236865.3 MED44.6%
——13DependencyCheck for Maven 9.0.0 to 9.0.6, for CLI version 9.0.0 to 9.0.5, and for Ant versions 9.0.0 to 9.0.5, when used in debug mode, allows an attacker to recover the NVD API Key from a log file.2dCVE-2023-517026.5 MED30.4%
——9Since version 5.2.0, when using deferrable mode with the path of a Kubernetes configuration file for authentication, the Airflow worker serializes this configuration file as a dictionary and sends it to the triggerer by storing it in metadata without any encryption. Additionally, if used with an Airflow version between 2.3.0 and 2.6.0, the configuration dictionary will be logged as plain text in the triggerer service without masking. This allows anyone with access to the metadata or triggerer log to obtain the configuration file and use it to access the Kubernetes cluster.
This behavior was changed in version 7.0.0, which stopped serializing the file contents and started providing the file path instead to read the contents into the trigger. Users are recommended to upgrade to version 7.0.0, which fixes this issue.14dCVE-2026-503165.5 MED28.4%
——9Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.9h