Skip to main content
Threat Radar animated logo
DashboardThreatsMapFeedsPricingView Plans & Pricing
reconnecting
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.

Threats Tagged 'cwe-117'

View all threats tagged with 'cwe-117'. Filter and sort to focus on specific types of threats.

Pro Console Lifetime

Stop chasing alerts. Route them.

Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.

Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)

View Plans & Pricing

API access activates after upgrading in Console -> Billing.

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now

Filter Threats

Narrow down the results by type, severity, or affected countries

Search threats by title, CVE ID, or description. Maximum 100 characters.
Active filters (1):Tag: cwe-117

Threats Tagged 'cwe-117'

Click on any threat for detailed analysis and mitigation recommendations

CVE-2026-9016: CWE-117 Improper Output Neutralization for Logs in qriouslad Debug Log Manager – Conveniently Monitor and Inspect ErrorsCVE-2026-9016
0

The Debug Log Manager plugin for WordPress up to version 2.5.0 is vulnerable to improper output neutralization for logs. This vulnerability allows unauthenticated attackers to inject forged entries into the WordPress debug log when the plugin's JavaScript error logging feature is enabled. The issue arises because the AJAX handler for logging errors is accessible without authentication and protected only by a nonce that is publicly exposed in the page HTML. This can lead to misleading log entries that obscure malicious activity.

MediumVulnerability#cve#cve-2026-9016#cwe-117
Join the discussion
CVE-2026-45679: CWE-117: Improper Output Neutralization for Logs in open-telemetry opentelemetry-ebpf-instrumentationCVE-2026-45679
0

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI exports raw Redis error text as the span status message. Because Redis error replies can contain attacker-controlled or sensitive values, this behavior can exfiltrate tokens, PII, or other confidential input into telemetry backends and inject untrusted text into downstream analysis systems. This issue has been patched in version 0.9.0.

MediumVulnerability#cve#cve-2026-45679#cwe-117
Join the discussion

Showing 1 to 2 of 2 results

Filters:Tag: cwe-117
Page 1 of 1
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses