CVE Catalog

CVE-2026-56457

MediumCVSS 4.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.18%

8th percentile — higher than 8% of all known CVEs

Summary

A vulnerability in HCL DevOps Deploy / HCL Launch allows exposure of sensitive information in output logs. An attacker with access to the logs could potentially obtain sensitive values related to that step.

Risk Assessment

The risk involves potential leakage of confidential data such as passwords, API keys, or other secrets into logs, which could lead to unauthorized access to systems or data.

Recommendation

It is recommended to immediately apply patches provided by HCL and review and sanitize existing logs for sensitive information. Access to logs should also be restricted to authorized personnel only.

Original NVD description (English source)

HCL DevOps Deploy / HCL Launch is susceptible to an exposure of sensitive information vulnerability in output logs. This exposure could allow an attacker with access to the logs to potentially obtain sensitive values related to that step.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS