CWE-221
Information Loss or Omission
ClassIncomplete
Description
The product does not record, or improperly records, security-relevant information that leads to an incorrect decision or hampers later analysis.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-81
CVEs mapped to this weakness (1)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-25598 | 0.00 | — | 0.00 | Feb 9, 2026 | Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Prior to 2.14.2, a security vulnerability has been identified in the Harden-Runner GitHub Action (Community Tier) that allows outbound network connections to evade audit logging.… |
- CVE-2026-25598Feb 9, 2026risk 0.00cvss —epss 0.00
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Prior to 2.14.2, a security vulnerability has been identified in the Harden-Runner GitHub Action (Community Tier) that allows outbound network connections to evade audit logging.…