CVE Vulnerabilities

CVE-2026-12086

Insertion of Sensitive Information into Log File

Published: Jun 30, 2026 | Modified: Jul 02, 2026
CVSS 3.x
5.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io logo minimus.io logo echo.ai logo

IBM UCD - IBM UrbanCode Deploy 7.2 through 7.2.3.23, and 7.3 through 7.3.2.18 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.13, 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 stores potentially sensitive information in log files that could be read by a local user.

Weakness

The product writes sensitive information to a log file.

Affected Software

NameVendorStart VersionEnd Version
Devops_deployIbm8.0.0.0 (including)8.0.1.14 (excluding)
Devops_deployIbm8.1.0.0 (including)8.1.2.7 (excluding)
Devops_deployIbm8.2.0.0 (including)8.2.1.0 (excluding)
Urbancode_deployIbm7.2.0.0 (including)7.2.3.24 (excluding)
Urbancode_deployIbm7.3.0.0 (including)7.3.2.19 (excluding)

Potential Mitigations

References