CWE-532: Insertion of Sensitive Information into Log File
The product writes sensitive information to a log file.
Last updated
Overview
CWE-532 (Insertion of Sensitive Information into Log File) is a base-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.
Real-world CVEs
742 recorded CVEs are caused by CWE-532 (Insertion of Sensitive Information into Log File), including 2 in CISA's KEV (Known Exploited Vulnerabilities) catalog. KEVs are shown first. 128 new CWE-532 CVEs have been recorded so far in 2026 (163 in 2025).