CVE-2026-45046

Published: Mag 27, 2026 Last Modified: Mag 27, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 5,5

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: low

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: none

Availability: none

Description

AI Translation Available

Gryph provides a security layer for AI coding agents. Prior to 0.7.0, Gryph implements logging levels that determine what content is logged to a local sqlite database. The README incorrectly mentions that the default log level is minimal while it is standard. Source code review shows sensitive file-write content remains in the stored payload as ContentPreview, OldString, or NewString at the default standard logging level and at full. This leads to logging of potentially sensitive file content in the local sqlite database, violating Gryphs sensitive file filter and log level contracts. This vulnerability is fixed in 0.7.0.

212

Improper Removal of Sensitive Information Before Storage or Transfer

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality

Potential Impacts:

Read Files Or Directories Read Application Data

Applicable Platforms

All platforms may be affected

View CWE Details

https://github.com/safedep/gryph/security/advisories/GHSA-f…

https://github.com/safedep/gryph/security/advisories/GHSA-f3jg-756w-gm35

CVE-2026-45046

Description

Improper Removal of Sensitive Information Before Storage or Transfer

Common Consequences

Applicable Platforms

Iscriviti alla newsletter