CWE-117: Improper Output Neutralization for Logs — known CVE vulnerabilities
CVEs classified under CWE-117 (Improper Output Neutralization for Logs), ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2023-46322 — CVSS 9.8 (critical): iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize ssh hostnames in URLs. The hostname's initial character may be…
CVE-2023-46321 — CVSS 9.8 (critical): iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize paths in x-man-page URLs. They may have shell metacharacters for a…
CVE-2024-0095 — CVSS 9.0 (critical): NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where a user can inject forged logs and executable commands…
CVE-2024-25047 — CVSS 8.6 (high): IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.2 is vulnerable to injection attacks in application logging by not…
CVE-2025-57564 — CVSS 8.2 (high): CubeAPM nightly-2025-08-01-1 allow unauthenticated attackers to inject arbitrary log entries into production systems via the…
CVE-2026-10745: Improper output neutralization for logs vulnerability in upKeeper Solutions upKeeper Instant Privilege Access on Windows allows Log…
CVE-2019-14846 — CVSS 7.8 (high): In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG…
CVE-2025-54813 — CVSS 7.5 (high): Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using JSONLayout, not all payload bytes are properly escaped…
CVE-2024-32474 — CVSS 7.3 (high): Sentry is an error tracking and performance monitoring platform. Prior to 24.4.1, when authenticating as a superuser to Sentry with a…
CVE-2025-59784 — CVSS 7.2 (high): 2N Access Commander version 3.4.1 and prior is vulnerable to log pollution. Certain parameters sent over API may be included in the logs…
CVE-2026-12616: The /v1/upload/sbom endpoint extracts the iss claim from the attacker-supplied JWT with signature verification disabled, then interpolates…
CVE-2024-13949 — CVSS 6.8 (medium): Large content vulnerabilities are present in ASPECT exposing a device to disk overutilization on a system if administrator credentials…
CVE-2026-45679 — CVSS 6.5 (medium): OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI exports…
CVE-2025-11627 — CVSS 6.5 (medium): The Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue plugin for WordPress is vulnerable to log file poisoning in…
CVE-2025-58580 — CVSS 6.5 (medium): An API endpoint allows arbitrary log entries to be created via POST request. Without sufficient validation of the input data, an attacker…
CVE-2025-54656 — CVSS 6.5 (medium): ** UNSUPPORTED WHEN ASSIGNED ** Improper Output Neutralization for Logs vulnerability in Apache Struts. This issue affects Apache Struts…
CVE-2020-11644 — CVSS 6.5 (medium): The information disclosure vulnerability present in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 versions…
CVE-2019-14854 — CVSS 6.5 (medium): OpenShift Container Platform 4 does not sanitize secret data written to static pod logs when the log level in a given operator is set to…
CVE-2019-14864 — CVSS 6.5 (medium): Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it…
CVE-2019-10213 — CVSS 6.5 (medium): OpenShift Container Platform, versions 4.1 and 4.2, does not sanitize secret data written to pod logs when the log level in a given…
CVE-2024-7696 — CVSS 6.3 (medium): Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible for an authenticated malicious client to…
CVE-2025-36159 — CVSS 6.2 (medium): IBM Concert 1.0.0 through 2.0.0 could allow a local user to forge log files to impersonate other users or hide their identity due to…
CVE-2025-54389 — CVSS 6.2 (medium): AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability in…
CVE-2025-10217: A vulnerability exists in Asset Suite for an authenticated user to manipulate the content of performance related log data or to inject…
CVE-2020-14332 — CVSS 5.5 (medium): A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize…
CVE-2026-1337 — CVSS 5.4 (medium): Insufficient escaping of unicode characters in query log in Neo4j Enterprise and Community editions prior to 2026.01 can lead to XSS if the…
CVE-2025-54812 — CVSS 5.4 (medium): Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using HTMLLayout, logger names are not properly escaped when…
CVE-2024-52891 — CVSS 5.4 (medium): IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could allow an authenticated user to inject malicious information or obtain…
CVE-2026-9016 — CVSS 5.3 (medium): The Debug Log Manager – Conveniently Monitor and Inspect Errors plugin for WordPress is vulnerable to Improper Output Neutralization for…
CVE-2026-5078 — CVSS 5.3 (medium): Impact: The morgan logging middleware's :remote-user token extracts the Basic auth username from the Authorization request header and…
CVE-2026-6494 — CVSS 5.3 (medium): A flaw was found in the AAP MCP server. An unauthenticated remote attacker can exploit a log injection vulnerability by sending specially…
CVE-2025-66577 — CVSS 5.3 (medium): cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows…
CVE-2025-20384 — CVSS 5.3 (medium): In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2503.6…
CVE-2025-36081 — CVSS 5.3 (medium): IBM Concert Software 1.0.0 through 2.0.0 could allow a user to modify system logs due to improper neutralization of log input.
CVE-2025-59476 — CVSS 5.3 (medium): Jenkins 2.527 and earlier, LTS 2.516.2 and earlier does not restrict or transform the characters that can be inserted from user-specified…
CVE-2024-52962 — CVSS 5.3 (medium): An Improper Output Neutralization for Logs vulnerability [CWE-117] in FortiAnalyzer version 7.6.1 and below, version 7.4.5 and below…
CVE-2024-12580 — CVSS 5.3 (medium): A vulnerability in danny-avila/librechat prior to version 0.7.6 allows for logs debug injection. The parameters sessionId, fileId, userId…
CVE-2025-25294 — CVSS 5.3 (medium): Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. In all Envoy…
CVE-2025-23405 — CVSS 5.3 (medium): Unauthenticated log effects metrics gathering incident response efforts and potentially exposes risk of injection attacks (ex log…
CVE-2024-49355 — CVSS 5.3 (medium): IBM OpenPages with Watson 8.3 and 9.0 may write improperly neutralized data to server log files when the tracing is enabled per the System…
CVE-2024-35150 — CVSS 5.3 (medium): IBM Maximo Application Suite 8.10.12, 8.11.0, 9.0.1, and 9.1.0 - Monitor Component does not neutralize output that is written to logs…
CVE-2024-31845 — CVSS 5.3 (medium): An issue was discovered in Italtel Embrace 1.6.4. The product does not neutralize or incorrectly neutralizes output that is written to…
CVE-2023-6484 — CVSS 5.3 (medium): A log injection flaw was found in Keycloak. A text string may be injected through the authentication form when using the WebAuthn…
CVE-2024-1681 — CVSS 5.3 (medium): corydolphin/flask-cors is vulnerable to log injection when the log level is set to debug. An attacker can inject fake log entries into the…
CVE-2023-46713 — CVSS 5.3 (medium): An improper output neutralization for logs in Fortinet FortiWeb 6.2.0 - 6.2.8, 6.3.0 - 6.3.23, 7.0.0 - 7.0.9, 7.2.0 - 7.2.5 and 7.4.0 may…
CVE-2023-31405 — CVSS 5.3 (medium): SAP NetWeaver AS for Java - versions ENGINEAPI 7.50, SERVERCORE 7.50, J2EE-APPS 7.50, allows an unauthenticated attacker to craft a request…
CVE-2023-0595 — CVSS 5.3 (medium): A CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious…
CVE-2022-1522 — CVSS 5.3 (medium): The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable to CWE-117: Improper Output Neutralization…
CVE-2020-4072 — CVSS 5.3 (medium): In generator-jhipster-kotlin version 1.6.0 log entries are created for invalid password reset attempts. As the email is provided by a user…