CWE-319 (敏感数据的明文传输) — Vulnerability Class 351

351 vulnerabilities classified as CWE-319 (敏感数据的明文传输). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-40431	SenseLive X3050 Cleartext transmission of sensitive information — X3050	5.3	Medium	2026-04-23
CVE-2026-41275	Flowise: Password Reset Link Sent Over Unsecured HTTP — Flowise	6.8^AI	Medium^AI	2026-04-23
CVE-2025-31981	HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption — BigFix Service Management (SM)	5.3	Medium	2026-04-21
CVE-2026-40045	OpenClaw < 2026.4.2 - Cleartext Credential Transmission via Unencrypted WebSocket Gateway Endpoints — OpenClaw	5.7	Medium	2026-04-20
CVE-2026-6066	Unencrypted Client‑Server Communication in ConnectWise Automate™ Solution Center — Automate	7.1	High	2026-04-20
CVE-2026-33569	Anviz Products Cleartext Transmission of Sensitive Information — Anviz CX7 Firmware	6.5	Medium	2026-04-17
CVE-2026-22155	Fortinet FortiSOAR PaaS和Fortinet FortiSOAR on-premise 安全漏洞 — FortiSOAR on-premise	6.2	Medium	2026-04-14
CVE-2026-21742	Fortinet FortiSOAR PaaS和Fortinet FortiSOAR on-premise 安全漏洞 — FortiSOAR PaaS	5.4	Medium	2026-04-14
CVE-2026-31923	Apache APISIX: Openid-connect `tls_verify` field is disabled by default — Apache APISIX	7.5	-	2026-04-14
CVE-2026-31924	Apache APISIX: Plugin tencent-cloud-cls log export uses plaintext HTTP — Apache APISIX	7.5	-	2026-04-14
CVE-2026-5115	Session hijacking in PaperCut NG/MF embedded application for Konica Minolta devices — Papercut NG/MF	7.1^AI	High^AI	2026-03-31
CVE-2026-5119	Libsoup: libsoup: information disclosure via cleartext transmission of cookies during https tunnel establishment — Red Hat Enterprise Linux 10	5.9	Medium	2026-03-30
CVE-2026-1014	IBM InfoSphere Information Server is vulnerable due to disclosure of sensitive information — InfoSphere Information Server	6.5	Medium	2026-03-25
CVE-2025-64648	Multiple Vulnerabilities in IBM Concert Software — Concert	5.9	Medium	2026-03-25
CVE-2026-20115	Cisco IOS XE Software 安全漏洞 — Cisco IOS XE Software	6.1	Medium	2026-03-25
CVE-2026-4584	Shenzhen HCC Technology MPOS M6 PLUS Cardholder Data cleartext transmission — MPOS M6 PLUS	3.1	Low	2026-03-23
CVE-2026-24060	Automated Logic WebCTRL Premium Server Cleartext Transmission of Sensitive Information — WebCTRL Premium Server	9.1	Critical	2026-03-20
CVE-2026-32309	Cryptomator: Hub unlocking accepts plaintext HTTP and unvalidated endpoint schemes — cryptomator	9.1	-	2026-03-20
CVE-2026-32838	Edimax GS-5008PL <= 1.00.54 Transmits Credentials Over Cleartext HTTP — Edimax GS-5008PL	7.5	High	2026-03-17
CVE-2025-13718	IBM Sterling Partner Engagement Manager Information Disclosure — Sterling Partner Engagement Manager	3.7	Low	2026-03-13
CVE-2026-23661	Azure IoT Explorer Information Disclosure Vulnerability — Azure IoT Explorer	7.5	High	2026-03-10
CVE-2026-2671	Mendi Neurofeedback Headset Bluetooth Low Energy cleartext transmission — Neurofeedback Headset	3.1	Low	2026-03-07
CVE-2026-30796	RustDesk Server Pro API Requires Address Book Password in Plaintext for Sync Protocol — RustDesk Server Pro	6.2	-	2026-03-05
CVE-2026-30795	RustDesk HTTP Client Silently Accepts Invalid TLS Certificates After Handshake Failure — RustDesk Client	7.5	-	2026-03-05
CVE-2026-20801	Gallagher NxWitness VMS 安全漏洞 — NxWitness VMS and Hanwha VMS Integrations	5.6	Medium	2026-03-03
CVE-2026-27752	SODOLA SL902-SWTGW124AS <= 200.1.20 Cleartext Credential Transmission — SODOLA SL902-SWTGW124AS	5.9	Medium	2026-02-27
CVE-2026-24455	Jinan USR IOT Technology Limited (PUSR) USR-W610 Cleartext Transmission of Sensitive Information — USR-W610	7.5	High	2026-02-20
CVE-2025-27903	Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows — DB2 Recovery Expert for LUW	5.9	Medium	2026-02-17
CVE-2026-2539	Micca KE700 Cleartext transmission of key fob ID — Car Alarm System KE700	6.5^AI	Medium^AI	2026-02-15
CVE-2025-10174	Improper Access Control in Pan Software's PanCafe Pro — PanCafe Pro	8.3	High	2026-02-11

Vulnerabilities classified as CWE-319 (敏感数据的明文传输) represent 351 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-319 (敏感数据的明文传输) — Vulnerability Class 351