CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,108 vulnerabilities with CWE-200
CVE-2025-13439 MEDIUM
Fancy Product Designer <6.4.8 - Info Disclosure
CVSS 5.9
CVE-2025-66963 MEDIUM
Hitron HI3120 v.7.2.4.5.2b1 - Exposure of Sensitive Information via Logout Option
CVSS 5.5
CVE-2025-11670 MEDIUM
ManageEngine ADManager Plus < 8025 - NTLM Hash Exposure
CVSS 6.4
CVE-2025-12512 MEDIUM
WordPress GenerateBlocks <2.1.2 - Info Disclosure
CVSS 4.3
CVE-2025-11693 CRITICAL
Export WP Page to Static HTML & PDF <4.3.4 - Info Disclosure
CVSS 9.8
CVE-2025-43542 HIGH
macOS < 15.7.3 - Unprotected Password Field Exposure via FaceTime Remote Control
CVSS 7.5
CVE-2025-43538 MEDIUM
macOS < 14.8.3 - Unprotected User Data Exposure via Logging Issue
CVSS 5.5
CVE-2025-43530 MEDIUM
macOS Tahoe <26.2 - Info Disclosure
CVSS 5.5
CVE-2025-43523 MEDIUM
macOS Tahoe <26.2 - Info Disclosure
CVSS 5.5
CVE-2025-43509 MEDIUM
macOS <26.2-15.7.3-14.8.3 - Info Disclosure
CVSS 5.5
CVE-2025-43473 MEDIUM
macOS Tahoe <26.1 - Info Disclosure
CVSS 5.5
CVE-2025-43437 LOW
iPadOS < 26.1 - Unauthorized User Fingerprinting via Privacy Controls
CVSS 3.3
CVE-2025-12408 MEDIUM
The Events Manager - Calendar, Bookings, Tickets, and more! <7.2.2....
CVSS 5.3
CVE-2025-13660 MEDIUM
Guest Support <1.2.3 - Info Disclosure
CVSS 5.3
CVE-2025-14528 MEDIUM
D-Link DIR-803 <1.04 - Info Disclosure
CVSS 5.3
CVE-2025-67718 HIGH
NPM Formio < 3.5.7 - Information Disclosure
CVE-2025-65820 CRITICAL
Meatmeet Android Mobile App <1.1.2.0 - Info Disclosure
CVSS 9.8
CVE-2025-63094 HIGH
XiangShan Nanhu V2 and Kunmighu V3 - Exposure of Sensitive Information via Speculative Execution Side-Channel
CVSS 7.5
CVE-2025-52493 MEDIUM
PagerDuty Runbook < 2025-06-12 - Authenticated Exposure of Sensitive Information in Configuration Page
CVSS 6.5
CVE-2025-67499 MEDIUM
Containernetworking Plugins < 1.9.0 - Information Disclosure
CVSS 6.6
CVE-2025-66625 MEDIUM
Umbraco CMS 10.0.0-13.12.0 - Authenticated Arbitrary File Existence Enumeration via Dictionary Upload
CVSS 4.9
CVE-2025-64670 MEDIUM
Microsoft Windows Graphics Component - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 6.5
CVE-2025-40941 MEDIUM
SIMATIC CN 4100 < 4.0.1 - Information Exposure via Server Response Headers
CVSS 4.3
CVE-2025-40940 MEDIUM
SIMATIC CN 4100 < 4.0.1 - Exposure of Sensitive Information via SNMP Inconsistencies
CVSS 4.9
CVE-2025-14286 MEDIUM
Tenda AC9 15.03.05.14_multi - Info Disclosure
CVSS 5.3
Details
Vulnerabilities 10,108
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits