Medium severity5.3NVD Advisory· Published Apr 14, 2026· Updated Apr 17, 2026
CVE-2026-31924
CVE-2026-31924
Description
Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX.
tencent-cloud-cls log export uses plaintext HTTP This issue affects Apache APISIX: from 2.99.0 through 3.15.0.
Users are recommended to upgrade to version 3.16.0, which fixes the issue.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.openwall.com/lists/oss-security/2026/04/14/2nvdMailing ListThird Party Advisory
- lists.apache.org/thread/sqxjjlt87c1q28db28ztdxylm5pgwohqnvdMailing ListVendor Advisory
News mentions
0No linked articles in our index yet.