What is CVE-2026-11820?

CVE-2026-11820 is a medium-severity vulnerability in Red Hat Enterprise Linux 10, classified under Insertion of Sensitive Information into Log File. CVSS score: 6.5/10. Published 2026-06-23.

How severe is CVE-2026-11820?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Information disclosure in Red Hat Enterprise Linux 10

CVE-2026-11820

Module: plugins/modules/nexmo.py CVSS 3.1: 6.5 MEDIUM — AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: api_key and api_secret are declared no_log=True at the input level, but both credentials are immediately URL-encoded into a GET request a…

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 9

Weakness classification (CWE)

CWE-532 — Insertion of Sensitive Information into Log File

References

secalert@redhat.com (x_refsource_REDHAT, vdb-entry)
secalert@redhat.com (x_refsource_REDHAT, issue-tracking)

Frequently asked questions

What is CVE-2026-11820?: CVE-2026-11820 is a medium-severity vulnerability in Red Hat Enterprise Linux 10, classified under Insertion of Sensitive Information into Log File. CVSS score: 6.5/10. Published 2026-06-23.
How severe is CVE-2026-11820?: Medium severity. CVSS v3 base score is 6.5 out of 10.