8 vulnerabilities classified as CWE-223 (安全相关信息的遗漏). AI Chinese analysis included.
CWE-223 represents a critical design flaw where software fails to record or display essential security-related information, thereby obscuring the source or nature of potential attacks. This omission typically allows attackers to evade detection and forensic analysis, as the absence of audit trails or contextual logs prevents administrators from identifying malicious activity or verifying the safety of system actions. Consequently, incidents remain invisible until significant damage occurs, complicating incident response and remediation efforts. To mitigate this weakness, developers must implement comprehensive logging mechanisms that capture detailed context for all security-sensitive operations. By ensuring that every critical action generates sufficient diagnostic data, organizations can maintain visibility into system behavior, enabling rapid threat identification and robust security monitoring without compromising operational efficiency.
function login($userName,$password){ if(authenticate($userName,$password)){ return True; } else{ incrementLoginAttempts($userName); if(recentLoginAttempts($userName) > 5){ writeLog("Failed login attempt by User: " . $userName . " at " + date('r') ); } } }function readFile($filename){ $user = getCurrentUser(); $realFile = $filename; //resolve file if its a symbolic link if(is_link($filename)){ $realFile = readlink($filename); } if(fileowner($realFile) == $user){ echo file_get_contents($realFile); return; } else{ echo 'Access denied'; writeLog($user . ' attempted to access the file '. $filename . ' on '. date('r')); } }| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-31890 | Inspektor Gadget: Tracing Denial of Service via Event Flooding — inspektor-gadget | 6.5AI | MediumAI | 2026-03-12 |
| CVE-2025-52926 | spytrap-adb 安全漏洞 — spytrap-adb | 2.7 | Low | 2025-06-23 |
| CVE-2024-52813 | matrix-sdk-crypto missing facility to signal rotation of a verified cryptographic identity — matrix-rust-sdk | 4.3 | Medium | 2025-01-07 |
| CVE-2023-31191 | Denial of Service due to loss of information in DroneScout ds230 Remote ID receiver from BlueMark Innovations — ds230 | 9.3 | Critical | 2023-07-11 |
| CVE-2023-29156 | Denial of Service due to loss of information in DroneScout ds230 Remote ID receiver from BlueMark Innovations — ds230 | 4.7 | Medium | 2023-07-11 |
| CVE-2023-28360 | Brave 安全漏洞 — https://laptop-updates.brave.com/latest/winx64 | 4.4 | - | 2023-05-11 |
| CVE-2022-44646 | JetBrains TeamCity 安全漏洞 — TeamCity | 2.2 | Low | 2022-11-03 |
| CVE-2022-22563 | Dell Technologies Dell PowerScale OneFS安全漏洞 — PowerScale OneFS | 4.4 | Medium | 2022-04-08 |
Vulnerabilities classified as CWE-223 (安全相关信息的遗漏) represent 8 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.