CVE Catalog
CVE-2026-57736
HighCVSS 7.4Exploitation Probability (EPSS)
Low risk0.18%
7th percentile — higher than 7% of all known CVEs
Summary
An insertion of sensitive information into sent data vulnerability in HubSpot allows retrieval of embedded sensitive data. This issue affects HubSpot from n/a through 11.3.51.
Risk Assessment
An attacker can intercept sensitive data (e.g., tokens, API keys) sent by the application, leading to confidentiality breaches and potential account or system access compromise.
Recommendation
Immediately upgrade HubSpot to a version later than 11.3.51 and audit configurations for data leakage.
Original NVD description (English source)
Insertion of Sensitive Information Into Sent Data vulnerability in HubSpot allows Retrieve Embedded Sensitive Data. This issue affects HubSpot: from n/a through 11.3.51.

