LOW
vaadin
CVE published 2026-05-19
CVE-2026-7860
CVE-2026-7860 is an information disclosure issue affecting Vaadin Maven and Gradle plugins. When the frontend build process exits with a non-zero status, the plugins can expose the full set of environment variables in build logs. In CI systems, that can leak secrets supplied as environment variables into logs and archived artifacts. The CVE was published on 2026-05-19 and updated on 2026-05-21. The record [truncated]