CVE-2026-8671 PUBLISHED

Log Files contain encrypted secrets

Assigner: NCSC.ch
Reserved: 15.05.2026 Published: 22.05.2026 Updated: 22.05.2026

Insertion of sensitive information into log file vulnerability in syslink software AG Avantra on Linux, Windows allows Resource Leak Exposure.

This issue affects Avantra: before 25.3.0.

Metrics

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L
CVSS Score: 7.5

Product Status

Vendor syslink software AG
Product Avantra
Versions Default: unaffected
  • affected from 0 to 25.3.0 (excl.)

Credits

  • Vicxer Inc. finder

References

Problem Types

  • CWE-532 Insertion of sensitive information into log file CWE

Impacts

  • CAPEC-131 Resource Leak Exposure