CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,109 vulnerabilities with CWE-200
CVE-2025-43362 CRITICAL
iPadOS < 18.7 - Unauthorized Keystroke Monitoring
CVSS 9.8
CVE-2025-43356 MEDIUM
Safari < 26.0 - Unauthorized Sensor Information Exposure via Cache Handling
CVSS 6.5
CVE-2025-10321 MEDIUM
Wavlink WL-WN578W2 - Information Disclosure via /live_online.shtml
CVSS 5.3
CVE-2025-56467 MEDIUM
Axis Mobile App 9.9 - Info Disclosure
CVSS 6.5
CVE-2025-54376 HIGH
Hoverfly < 1.12.0 - Unauthenticated Sensitive Information Exposure via Admin WebSocket Endpoint
CVSS 7.5
CVE-2025-55976 HIGH
Intelbras IWR 3000N <1.9.8 - Info Disclosure
CVSS 8.4
CVE-2025-56406 HIGH
mcp-neo4j 0.3.0 - Unauthenticated Exposure of Sensitive Information via SSE Service
CVSS 7.5
CVE-2025-10222 LOW
AxxonSoft Axxon One 2.0.0-2.0.1 - Exposure of Sensitive Information via Diagnostic Dump Component
CVSS 3.3
CVE-2025-36759 HIGH
SolaX Cloud - Unauthenticated Exposure of Sensitive Information via Username Enumeration
CVE-2025-55052 MEDIUM
Product <version> - Info Disclosure
CVSS 4.3
CVE-2025-29089 HIGH
TP-Link AX10 Ax1500 <1.3.10 - Info Disclosure
CVSS 7.5
CVE-2025-55243 HIGH
Microsoft Office Plus - Info Disclosure
CVSS 7.5
CVE-2025-53804 MEDIUM
Windows Kernel - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 5.5
CVE-2025-47997 MEDIUM
SQL Server 2016-2022 Authenticated Information Disclosure via Race Condition
CVSS 6.5
CVE-2025-33045 HIGH
APTOIV - Info Disclosure, Arbitrary Data Writing
CVSS 8.2
CVE-2025-59019 MEDIUM
TYPO3 CMS 11.0.0-11.5.47 12.0.0-12.4.36 13.0.0-13.4.17 - Unauthorized Information Disclosure via CSV Download Feature
CVSS 4.3
CVE-2025-59018 MEDIUM
TYPO3 CMS 9.0.0-13.4.17 - Unauthorized Sensitive Information Exposure via Workspace Module
CVSS 6.5
CVE-2025-40803 LOW
RUGGEDCOM RST2428P 6GK6242-6PA00 - Unauthenticated Exposure of Sensitive Information
CVSS 3.1
CVE-2025-40757 MEDIUM
APOGEE PXC Series - Info Disclosure
CVSS 5.3
CVE-2025-58752 MEDIUM
Vite <7.1.5, 7.0.7, 6.3.6, 5.4.20 - Info Disclosure
CVSS 5.3
CVE-2025-58751 MEDIUM
Vite <7.1.5, <7.0.7, <6.3.6, <5.4.20 - Auth Bypass
CVSS 5.3
CVE-2025-22956 CRITICAL
OPSI < 4.3 - Unauthenticated Exposure of Sensitive Information via ProductPropertyState Retrieval
CVSS 9.8
CVE-2025-10093 MEDIUM
D-Link DIR-852 up to 1.00CN B09 - Information Disclosure via getcfg.php Device Configuration Handler
CVSS 5.3
CVE-2025-58445 HIGH
Atlantis < 0.35.1 - Unauthenticated Sensitive Information Exposure via Status Endpoint
CVSS 7.5
CVE-2025-7368 MEDIUM
REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme ...
CVSS 5.3
Details
Vulnerabilities 10,109
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits