Sensitive Information Exposure in Log Files of Affected Software from Vendor X
CVE-2026-22098

9.2CRITICAL

Key Information:

Vendor

Evbee

Status
Vendor
CVE Published:
13 July 2026

What is CVE-2026-22098?

This vulnerability allows for the exposure of sensitive information, such as user passwords and charging card unique identifiers (UIDs), by being improperly logged. This can lead to significant security risks if attackers gain access to these log files. It is essential for users to ensure their systems are updated and to monitor log file permissions to mitigate potential data leaks.

Affected Version(s)

DC-80 0 < 1.5.1

References

CVSS V4

Score:
9.2
Severity:
CRITICAL
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Wilco van Beijnum (ElaadNL)
Jeroen van der Ham-de Vos (DIVD)
.