CVE-2026-56459

Severity CVSS v4.0:
Pending analysis
Type:
CWE-532 Information Exposure Through Log Files
Publication date:
09/07/2026
Last modified:
10/07/2026

Description

HCL DevOps Deploy / HCL Launch is susceptible to sensitive information disclosure.  The application stores potentially sensitive information in log files that could be read by a local user.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:hcltechsw:hcl_devops_deploy:*:*:*:*:*:*:*:* 8.0.0.0 (including) 8.0.1.14 (excluding)
cpe:2.3:a:hcltechsw:hcl_devops_deploy:*:*:*:*:*:*:*:* 8.1.0.0 (including) 8.1.2.7 (excluding)
cpe:2.3:a:hcltechsw:hcl_devops_deploy:*:*:*:*:*:*:*:* 8.2.0.0 (including) 8.2.2.0 (excluding)
cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:* 7.3.0.0 (including) 7.3.2.19 (excluding)