diff --git a/bitbake/lib/hashserv/__init__.py b/bitbake/lib/hashserv/__init__.py
index ac891e0174d..d2471fe7858 100644
--- a/bitbake/lib/hashserv/__init__.py
+++ b/bitbake/lib/hashserv/__init__.py
@@ -28,6 +28,8 @@ def create_server(
     admin_password=None,
     reuseport=False,
 ):
+    HIDE_FRAME_ARGS = True  # Do not leak password on exception
+
     def sqlite_engine():
         from .sqlite import DatabaseEngine
 
@@ -70,6 +72,8 @@ def create_server(
 
 
 def create_client(addr, username=None, password=None):
+    HIDE_FRAME_ARGS = True  # Do not leak password on exception
+
     from . import client
 
     c = client.Client(username, password)
@@ -89,6 +93,8 @@ def create_client(addr, username=None, password=None):
 
 
 async def create_async_client(addr, username=None, password=None):
+    HIDE_FRAME_ARGS = True  # Do not leak password on exception
+
     from . import client
 
     c = client.AsyncClient(username, password)
diff --git a/bitbake/lib/hashserv/client.py b/bitbake/lib/hashserv/client.py
index a510f3284fc..13a6e62e7fe 100644
--- a/bitbake/lib/hashserv/client.py
+++ b/bitbake/lib/hashserv/client.py
@@ -80,6 +80,8 @@ class AsyncClient(bb.asyncrpc.AsyncClient):
     MODE_EXIST_STREAM = 2
 
     def __init__(self, username=None, password=None):
+        HIDE_FRAME_ARGS = True  # Do not leak password on exception
+
         super().__init__("OEHASHEQUIV", "1.1", logger)
         self.mode = self.MODE_NORMAL
         self.username = username
@@ -236,6 +238,8 @@ class AsyncClient(bb.asyncrpc.AsyncClient):
         return await self.invoke({"clean-unused": {"max_age_seconds": max_age}})
 
     async def auth(self, username, token):
+        HIDE_FRAME_ARGS = True  # Do not leak token on exception
+
         result = await self.invoke({"auth": {"username": username, "token": token}})
         self.username = username
         self.password = token
@@ -319,6 +323,8 @@ class AsyncClient(bb.asyncrpc.AsyncClient):
 
 class Client(bb.asyncrpc.Client):
     def __init__(self, username=None, password=None):
+        HIDE_FRAME_ARGS = True  # Do not leak password on exception
+
         self.username = username
         self.password = password
 
diff --git a/bitbake/lib/hashserv/server.py b/bitbake/lib/hashserv/server.py
index 68f64f983b2..61ddeaad80b 100644
--- a/bitbake/lib/hashserv/server.py
+++ b/bitbake/lib/hashserv/server.py
@@ -793,6 +793,8 @@ class Server(bb.asyncrpc.AsyncServer):
         admin_username=None,
         admin_password=None,
     ):
+        HIDE_FRAME_ARGS = True  # Do not leak password on exception
+
         if upstream and read_only:
             raise bb.asyncrpc.ServerError(
                 "Read-only hashserv cannot pull from an upstream server"
diff --git a/bitbake/lib/hashserv/sqlalchemy.py b/bitbake/lib/hashserv/sqlalchemy.py
index f7b0226a7a3..54aec55b24b 100644
--- a/bitbake/lib/hashserv/sqlalchemy.py
+++ b/bitbake/lib/hashserv/sqlalchemy.py
@@ -115,6 +115,8 @@ class UnihashesV2(DeprecatedBase):
 
 class DatabaseEngine(object):
     def __init__(self, url, username=None, password=None):
+        HIDE_FRAME_ARGS = True  # Do not leak password on exception
+
         self.logger = logging.getLogger("hashserv.sqlalchemy")
         self.url = sqlalchemy.engine.make_url(url)