VYPR

CWE-117

Improper Output Neutralization for Logs

BaseDraftLikelihood: Medium

Description

The product constructs a log message from external input, but it does not neutralize or incorrectly neutralizes special elements when the message is written to a log file.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-268 · CAPEC-81 · CAPEC-93

CVEs mapped to this weakness (45)

page 1 of 3
  • CVE-2026-45565HigJun 10, 2026
    risk 0.53cvss 8.1epss 0.00

    Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, EscapedString (app/modules/roxywi/class_models.py:16-30) is the centralised Pydantic validator used on dozens of fields including SSH credential name, username,…

  • CVE-2025-57564HigOct 7, 2025
    risk 0.53cvss 8.2epss 0.00

    CubeAPM nightly-2025-08-01-1 allow unauthenticated attackers to inject arbitrary log entries into production systems via the /api/logs/insert/elasticsearch/_bulk endpoint. This endpoint accepts bulk log data without requiring authentication or input validation, allowing remote…

  • CVE-2024-29022HigApr 12, 2024
    risk 0.50cvss 8.8epss 0.01

    Xibo is an Open Source Digital Signage platform with a web content management system and Windows display player software. In affected versions some request headers are not correctly sanitised when stored in the session and display tables. These headers can be used to inject a…

  • CVE-2024-13949MedMay 22, 2025
    risk 0.44cvss 6.8epss 0.00

    Large content vulnerabilities are present in ASPECT exposing a device to disk overutilization on a system if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.

  • CVE-2026-34478HigApr 10, 2026
    risk 0.42cvss 7.5epss 0.01

    Apache Log4j Core's Rfc5424Layout https://logging.apache.org/log4j/2.x/manual/layouts.html#RFC5424Layout , in versions 2.21.0 through 2.25.3, is vulnerable to log injection via CRLF sequences due to undocumented renames of security-relevant configuration attributes. Two…

  • CVE-2025-10217MedSep 30, 2025
    risk 0.39cvss epss 0.00

    A vulnerability exists in Asset Suite for an authenticated user to manipulate the content of performance related log data or to inject crafted data in logfile for potentially carrying out further malicious attacks. Performance logging is typically enabled for troubleshooting…

  • CVE-2026-45679MedJun 2, 2026
    risk 0.35cvss 6.5epss 0.00

    OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI exports raw Redis error text as the span status message. Because Redis error replies can contain attacker-controlled or sensitive values, this…

  • CVE-2025-11627MedOct 30, 2025
    risk 0.35cvss 6.5epss 0.00

    The Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue plugin for WordPress is vulnerable to log file poisoning in all versions up to, and including, 1.47. This makes it possible for unauthenticated attackers to insert arbitrary content into log files, and…

  • CVE-2026-9016MedJun 6, 2026
    risk 0.34cvss 5.3epss 0.00

    The Debug Log Manager – Conveniently Monitor and Inspect Errors plugin for WordPress is vulnerable to Improper Output Neutralization for Logs in all versions up to, and including, 2.5.0. This is due to the `log_js_errors()` AJAX handler being registered for unauthenticated…

  • CVE-2026-5078MedJun 3, 2026
    risk 0.34cvss 5.3epss 0.00

    Impact: The morgan logging middleware's :remote-user token extracts the Basic auth username from the Authorization request header and writes it to the log stream without neutralizing control characters. An unauthenticated attacker can send a crafted Authorization Basic header…

  • CVE-2026-6494MedApr 17, 2026
    risk 0.34cvss 5.3epss 0.00

    A flaw was found in the AAP MCP server. An unauthenticated remote attacker can exploit a log injection vulnerability by sending specially crafted input to the `toolsetroute` parameter. This parameter is not properly sanitized before being written to logs, allowing the attacker…

  • CVE-2025-23405MedFeb 28, 2025
    risk 0.34cvss 5.3epss 0.00

    Unauthenticated log effects metrics gathering incident response efforts and potentially exposes risk of injection attacks (ex log injection).

  • CVE-2026-20260MedJun 10, 2026
    risk 0.28cvss 4.3epss 0.00

    In Splunk SOAR (Security Orchestration, Automation, and Response) versions below 8.5.0, an unauthenticated attacker could inject American National Standards Institute (ANSI) escape codes into SOAR application log files through specially crafted HTTP request paths, which a…

  • CVE-2025-36625MedApr 18, 2025
    risk 0.28cvss 4.3epss 0.00

    In Nessus versions prior to 10.8.4, a non-authenticated attacker could alter Nessus logging entries by manipulating http requests to the application.

  • CVE-2025-0754MedJan 28, 2025
    risk 0.28cvss 4.3epss 0.00

    The vulnerability was found in OpenShift Service Mesh 2.6.3 and 2.5.6. This issue occurs due to improper sanitization of HTTP headers by Envoy, particularly the x-forwarded-for header. This lack of sanitization can allow attackers to inject malicious payloads into service mesh…

  • CVE-2023-6484MedApr 25, 2024
    risk 0.28cvss 5.3epss 0.01

    A log injection flaw was found in Keycloak. A text string may be injected through the authentication form when using the WebAuthn authentication mode. This issue may have a minor impact to the logs integrity.

  • CVE-2025-11065MedJan 26, 2026
    risk 0.27cvss 5.3epss 0.00

    A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data…

  • CVE-2025-14684MedMar 25, 2026
    risk 0.26cvss 4.0epss 0.00

    IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files.

  • CVE-2025-12755MedFeb 17, 2026
    risk 0.26cvss 4.0epss 0.00

    IBM MQ Operator (SC2 v3.2.0–3.8.1, LTS v2.0.0–2.0.29) and IBM‑supplied MQ Advanced container images (across affected SC2, CD, and LTS 9.3.x–9.4.x releases) contain a vulnerability where log messages are not properly neutralized before being written to log files. This…

  • CVE-2025-11537MedFeb 10, 2026
    risk 0.26cvss 5.0epss 0.00

    A flaw was found in Keycloak. When the logging format is configured to a verbose, user-supplied pattern (such as the pre-defined 'long' pattern), sensitive headers including Authorization and Cookie are disclosed to the logs in cleartext. An attacker with read access to the log…