HCL DRYiCE MyXalytics is impacted by an Insecure Direct Object Reference (IDOR) vulnerability.  A user can obtain certain details about another user as a result of improper access control.

In KDE libksieve before 23.03.80, kmanagesieve/session.cpp places a cleartext password in server logs because a username variable is accidentally given a password value.