CVE-2026-31924

N/A Unknown

Published: April 14, 2026 Modified: April 14, 2026

Description

Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. tencent-cloud-cls log export uses plaintext HTTP This issue affects Apache APISIX: from 2.99.0 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which fixes the issue.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://lists.apache.org/thread/sqxjjlt87c1q28db28ztdxylm5pgwohq

Source: security@apache.org

http://www.openwall.com/lists/oss-security/2026/04/14/2

Source: af854a3a-2127-422b-91ae-364da2661108

2 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-319

Related CVEs

CVE-2025-13822 N/A

CVE-2026-4109 4.3

CVE-2026-33929 N/A

CVE-2026-33892 7.1

CVE-2026-31923 N/A