CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,086 vulnerabilities with CWE-200
CVE-2025-14075 MEDIUM
WP Hotel Booking <2.2.7 - Info Disclosure
CVSS 5.3
CVE-2025-24090 LOW
iPadOS < 18.3 - Improper Access Control
CVSS 3.3
CVE-2025-24089 MEDIUM
iPadOS < 18.3 - Unauthorized App Enumeration
CVSS 5.3
CVE-2025-68438 HIGH
Apache Airflow 3.1.0-3.1.5 - Exposure of Sensitive Information in Rendered Templates UI
CVSS 7.5
CVE-2025-15527 MEDIUM
WP Recipe Maker <10.2.2 - Info Disclosure
CVSS 4.3
CVE-2025-67399 MEDIUM
AIRTH SMART HOME AQI MONITOR Bootloader 1.005 - Unauthenticated Sensitive Information Exposure via UART Port
CVSS 4.6
CVE-2025-14464 MEDIUM
PDF Resume Parser <1.0 - Info Disclosure
CVSS 5.3
CVE-2025-68966 MEDIUM
HarmonyOS - Unauthorized Information Exposure via Notepad Permission Control
CVSS 5.1
CVE-2025-68965 MEDIUM
HarmonyOS - Unauthorized Information Exposure in Notepad Module
CVSS 4.7
CVE-2025-68959 MEDIUM
Media Library Module - Privilege Escalation
CVSS 6.2
CVE-2025-37165 HIGH
HPE Instant On Access Points - Info Disclosure
CVSS 7.5
CVE-2025-47855 CRITICAL
Fortinet FortiFone <7.0.2 - Info Disclosure
CVSS 9.8
CVE-2025-14507 MEDIUM
EventPrime - Events Calendar, Bookings and Tickets <4.2.7.0 - Info ...
CVSS 5.3
CVE-2025-65090 MEDIUM
XWiki Full Calendar Macro < 2.4.6 - Unauthenticated Exposure of Sensitive Information via Calendar.JSONService
CVSS 5.3
CVE-2025-46676 LOW
Dell PowerProtect Data Domain - Info Disclosure
CVSS 2.7
CVE-2025-14980 MEDIUM
BetterDocs <4.3.3 - Info Disclosure
CVSS 6.5
CVE-2025-14574 MEDIUM
weDocs < 2.1.15 - Unauthenticated Sensitive Information Exposure via REST API Endpoint
CVSS 5.3
CVE-2025-68719 HIGH
KAYSUS KS-WR3600 <1.0.5.9.1 - Info Disclosure
CVSS 8.8
CVE-2025-68718 MEDIUM
KAYSUS KS-WR1200 - Privilege Escalation
CVSS 5.4
CVE-2025-59469 CRITICAL
Veeam Backup & Replication 13.0.0.4967-13.0.1.1071 - Authenticated Arbitrary File Write as Root
CVSS 9.0
CVE-2025-47369 MEDIUM
Qualcomm AR8035 Firmware - Information Disclosure via Weak Session ID Hash in IOCTL Response
CVSS 5.5
CVE-2025-31964 LOW
HCL BigFix IVR 4.2 - Unprotected Administrative Service Exposure
CVSS 2.2
CVE-2025-13371 HIGH
MoneySpace plugin <2.13.9 - Info Disclosure
CVSS 8.6
CVE-2025-12540 MEDIUM
ShareThis Dashboard - Info Disclosure
CVSS 4.7
CVE-2025-13215 MEDIUM
Phlox theme plugin <2.17.13 - Info Disclosure
CVSS 5.3
Details
Vulnerabilities 10,086
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits