CVE-2026-5380
Received Received - Intake
Clear-Text Credential Exposure in runZero Platform

Publication date: 2026-04-07

Last updated on: 2026-04-21

Assigner: 44488dab-36db-4358-99f9-bc116477f914

Description
An issue that could allow an authorized user to view the clear-text secrets for a subset of credential types and fields has been resolved. This is an instance of CWE-522: Insufficiently Protected Credentials, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N (5.3 Medium). This issue was fixed in version 4.0.260204.2 of the runZero Platform.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-07
Last Modified
2026-04-21
Generated
2026-06-16
AI Q&A
2026-04-07
EPSS Evaluated
2026-06-15
NVD
CVE-2026-5380
EUVD
EUVD-2026-19697
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
runzero runzero_platform to 4.0.260204.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-5380 is a vulnerability in the runZero Platform that allows an authorized user to view clear-text secrets for certain credential types and fields. This means that sensitive credential information is not sufficiently protected and can be exposed in an unencrypted form.

This vulnerability is classified as CWE-522: Insufficiently Protected Credentials. It has a CVSS 3.1 base score of 5.3 (Medium severity), indicating a network attack vector with high attack complexity, no privileges required, user interaction required, and a high impact on confidentiality but no impact on integrity or availability.

Impact Analysis

The vulnerability could allow an attacker who is in a man-in-the-middle (MITM) position between the runZero console and a remote API endpoint to exploit the exposed clear-text secrets. This could lead to the attacker gaining initial access to a targeted runZero Platform instance.

Since the exposed secrets are sensitive credentials, their disclosure could compromise the security of the platform and potentially allow unauthorized access or further attacks.

Mitigation Strategies

To mitigate this vulnerability, you should upgrade the runZero Platform to version 4.0.260204.2 or later, where the issue has been fixed.

Compliance Impact

This vulnerability involves the exposure of clear-text secrets for certain credential types and fields, which represents insufficient protection of credentials (CWE-522). Such exposure could lead to unauthorized access to sensitive information.

Exposure of sensitive credentials can impact compliance with standards and regulations like GDPR and HIPAA, which require adequate protection of personal and sensitive data to prevent unauthorized disclosure.

Therefore, if exploited, this vulnerability could potentially lead to non-compliance with these regulations due to the risk of unauthorized access and data exposure.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-5380. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart