CVE-2026-22155
A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through
CVSS
6.5
Medio
EPSS
0.2%
p7
KEV
—
Exploit Today
2
0-100
Publicado: 14 abr 2026 · Última mod.: 8 jul 2026 · CWE-319
0.2%EPSS · 30 días0.2%
2026-06-302026-07-17
A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5.1, FortiSOAR on-premise 7.4 all versions, FortiSOAR on-premise 7.3 all versions may allow attacker to information disclosure via <insert attack vector here>
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2023-318237.5 ALT47.0%
——14An issue found in Marui Co Marui Official app v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp Marui Official Store function.9dCVE-2024-487887.5 ALT43.2%
——13An issue in YESCAM (com.yescom.YesCam.zwave) 1.0.2 allows a remote attacker to obtain sensitive information via the firmware update process.13dCVE-2024-388917.5 ALT35.4%
——11An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Sniffing Network Traffic attack due to the cleartext transmission of sensitive information.12dCVE-2023-390867.5 ALT23.4%
——7ASUS RT-AC66U B1 3.0.0.4.286_51665 was discovered to transmit sensitive information in cleartext.9dCVE-2025-564479.8 CRÍ19.3%
——6TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure.12dCVE-2025-671597.5 ALT17.4%
——5Vatilon v1.12.37-20240124 was discovered to transmit user credentials in plaintext.13d