By weakness (CWE)

CWE-117: related vulnerabilities

CVEs classified under CWE-117. Understanding the weakness class helps prioritize systemic fixes over one-off patches.

1 published vulnerability

  • CVE-2026-45679MEDIUM 6.5

    OpenTelemetry eBPF Instrumentation versions before 0.9.0 leak sensitive data through telemetry systems. When Redis commands fail, the instrumentation captures and exports the raw error messages produced by Redis. Attackers or misconfigured systems can craft Redis error responses containing authentication tokens, personally identifiable information, or other secrets. These sensitive values then flow into your telemetry backend—where security teams, SREs, and external monitoring vendors can see them—and may propagate into downstream analysis, alerting, or visualization tools. This is a data exfiltration vulnerability that risks exposing confidential input into systems where it was never intended to be visible.