CVE Catalog

CVE-2026-57736

HighCVSS 7.4
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.18%

7th percentile — higher than 7% of all known CVEs

Summary

An insertion of sensitive information into sent data vulnerability in HubSpot allows retrieval of embedded sensitive data. This issue affects HubSpot from n/a through 11.3.51.

Risk Assessment

An attacker can intercept sensitive data (e.g., tokens, API keys) sent by the application, leading to confidentiality breaches and potential account or system access compromise.

Recommendation

Immediately upgrade HubSpot to a version later than 11.3.51 and audit configurations for data leakage.

Original NVD description (English source)

Insertion of Sensitive Information Into Sent Data vulnerability in HubSpot allows Retrieve Embedded Sensitive Data. This issue affects HubSpot: from n/a through 11.3.51.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS