CVE-2026-56457
MediumCVSS 4.3Exploitation Probability (EPSS)
Low risk8th percentile — higher than 8% of all known CVEs
Summary
A vulnerability in HCL DevOps Deploy / HCL Launch allows exposure of sensitive information in output logs. An attacker with access to the logs could potentially obtain sensitive values related to that step.
Risk Assessment
The risk involves potential leakage of confidential data such as passwords, API keys, or other secrets into logs, which could lead to unauthorized access to systems or data.
Recommendation
It is recommended to immediately apply patches provided by HCL and review and sanitize existing logs for sensitive information. Access to logs should also be restricted to authorized personnel only.
Original NVD description (English source)
HCL DevOps Deploy / HCL Launch is susceptible to an exposure of sensitive information vulnerability in output logs. This exposure could allow an attacker with access to the logs to potentially obtain sensitive values related to that step.

