CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,109 vulnerabilities with CWE-200
CVE-2025-61780
MEDIUM
Rack < 2.2.20 - Proxy Request Redirection via Untrusted x-sendfile Headers
CVSS 5.8
CVE-2025-8887
MEDIUM
Usta Information Systems Inc. Aybs Interaktif - Info Disclosure
CVSS 6.1
CVE-2025-8886
MEDIUM
Usta Information Systems Inc. Aybs Interaktif - Privilege Escalation
CVSS 6.7
CVE-2025-52634
LOW
HCL AION 2.0 - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 3.7
CVE-2025-52630
LOW
HCL AION 2.0 - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 3.7
CVE-2025-10282
MEDIUM
BBOT - Exposure of Sensitive Information via GitLab Module
CVSS 4.7
CVE-2025-10281
MEDIUM
BBOT < 2.7.0 - Unauthenticated GitHub API Key Exposure via Malicious Git URL
CVSS 4.7
CVE-2025-61906
MEDIUM
Opencast < 17.8 - Unintended Media Publication via Editor Save & Publish Bypass
CVSS 4.3
CVE-2025-11443
LOW
JhumanJ OpnForm <1.9.3 - Info Disclosure
CVSS 3.7
CVE-2025-48464
MEDIUM
DuckDuckGo Browser < 5.246.0 - Unauthenticated Exposure of Sensitive Sync Account Data
CVSS 4.7
CVE-2025-11406
MEDIUM
kaifangqian-base - Exposure of Sensitive Information via getAllUsers Function
CVSS 4.3
CVE-2025-61777
CRITICAL
FlagForge 2.0.0-2.3.1 - Unauthenticated Improper Access Control in Badge Template Endpoints
CVSS 9.4
CVE-2025-58589
LOW
SICK AG Baggage Analytics < 4.6.3 - Unauthorized Sensitive Information Exposure via Error Stacktrace
CVSS 2.7
CVE-2025-58581
MEDIUM
SICK Enterprise Analytics - Exposure of Sensitive Information via Error Stacktrace
CVSS 4.3
CVE-2025-61679
HIGH
anyquery < 0.4.4 - Unauthenticated Exposure of Sensitive Integration Data via HTTP Server
CVSS 7.7
CVE-2025-60449
MEDIUM
SeaCMS 13.1 - Authenticated Information Disclosure via admin_safe.php
CVSS 4.9
CVE-2025-9209
CRITICAL
RestroPress 3.0.0-3.1.9.2 - Unauthenticated Authentication Bypass via REST API
CVSS 9.8
CVE-2025-61589
MEDIUM
Cursor < 1.7 - Unauthorized Sensitive Information Exposure via Mermaid Image Embedding
CVSS 5.9
CVE-2025-61665
HIGH
WeGIA < 3.5.0 - Unauthenticated Sensitive Information Exposure via get_relatorios_socios.php Endpoint
CVSS 7.5
CVE-2025-59405
HIGH
Flock Safety Peripheral 7.38.3 - Exposure of Sensitive Information via Hardcoded DataDog API Key
CVSS 7.5
CVE-2025-56161
HIGH
Yiovo Firefly Mall - Information Disclosure
CVSS 7.5
CVE-2025-54468
MEDIUM
Rancher 2.9.0-2.12.1 Sensitive Information Exposure via Impersonate-Extra Headers
CVSS 4.7
CVE-2025-54290
MEDIUM
Canonical LXD < 5.21.4 - Unauthenticated Information Disclosure via Image Export API
CVSS 5.3
CVE-2025-40645
HIGH
ViDay - Unauthenticated Exposure of Sensitive Information via Phone Parameter
CVE-2025-10744
MEDIUM
Managefy plugin <1.6.1 - Info Disclosure
CVSS 5.9
Details
Vulnerabilities
10,109
Exploit Likelihood
High