CVE-2026-33620 — Vulnetix

Try Vulnetix Request Demo

CVE-2026-33620 PUBLISHED CVSS 4.300000190734863 MEDIUM

PinchTab: API Bearer Token Exposed in URL Query Parameter via Server Logs and Intermediary Systems

Risk Scores

CVSS v3.1

4.300000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Affected Products

Vendor	Product	Versions
github.com	pinchtab/pinchtab	0.7.8, 0.7.8
pinchtab	pinchtab	>= 0.7.8, < 0.8.4, >= 0.7.8, < 0.8.4

Timeline

Mar 24, 2026 CVE Published
Mar 25, 2026 Security Advisory
Mar 27, 2026 CVE Updated

References

Open in Interactive Console →