VYPR

CWE-221

Information Loss or Omission

ClassIncomplete

Description

The product does not record, or improperly records, security-relevant information that leads to an incorrect decision or hampers later analysis.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-81

CVEs mapped to this weakness (1)

  • CVE-2026-25598Feb 9, 2026
    risk 0.00cvss epss 0.00

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Prior to 2.14.2, a security vulnerability has been identified in the Harden-Runner GitHub Action (Community Tier) that allows outbound network connections to evade audit logging.…