CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,109 vulnerabilities with CWE-200
CVE-2025-55242 MEDIUM
Xbox Gaming Services - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 6.5
CVE-2025-55190 CRITICAL
Argo CD 2.13.0-2.13.8 2.14.0-2.14.15 3.0.0-3.0.12 3.1.0-rc1-3.1.1 - Sensitive Info Exposure via API
CVSS 9.9
CVE-2025-48527 MEDIUM
Google Android Notification Leak - Information Disclosure
CVSS 6.2
CVE-2025-26453 MEDIUM
Android - Local Information Disclosure via BluetoothOppSendFileInfo Logic Error
CVSS 5.5
CVE-2025-6984 HIGH
langchain-community < 0.3.27 - XML External Entity Injection in EverNoteLoader
CVSS 7.5
CVE-2025-36895 HIGH
Android - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 7.5
CVE-2025-20336 MEDIUM
Cisco Desk Phone/Cisco IP Phone/Cisco Video Phone - Info Disclosure
CVSS 5.3
CVE-2025-20270 MEDIUM
Cisco EPNM/Prime Infrastructure - Info Disclosure
CVSS 4.3
CVE-2025-58458 MEDIUM
Jenkins Git client Plugin <6.3.2 - Info Disclosure
CVSS 4.3
CVE-2025-53694 HIGH
Sitecore Experience Manager and Experience Platform 9.2-10.4 - Exposure of Sensitive Information
CVSS 7.5
CVE-2025-9843 MEDIUM
Das Parking Management System 6.2.0 - Information Disclosure via /Operator/FindAll
CVSS 5.3
CVE-2025-9842 MEDIUM
Das Parking Management System 6.2.0 - Information Disclosure via Operator/Search Endpoint
CVSS 5.3
CVE-2025-22430 MEDIUM
Android - Local Information Disclosure via Missing Permission Check in isInSignificantPlace
CVSS 5.5
CVE-2025-9774 MEDIUM
RemoteClinic < 2.0 - Information Disclosure via Email Parameter in Edit Patient
CVSS 4.3
CVE-2025-58061 MEDIUM
OpenEBS Local PV RawFile <0.10.0 - Info Disclosure
CVSS 5.5
CVE-2025-58059 CRITICAL
Valtimo < 12.16.0.RELEASE & 13.0.0.RELEASE-13.1.2.RELEASE - Sensitive Information Exposure
CVSS 9.1
CVE-2025-57757 MEDIUM
Contao 5.0.0-5.3.37 - Unauthenticated Information Disclosure in News Module RSS Feed
CVSS 5.3
CVE-2025-57756 MEDIUM
Contao 4.9.14-4.13.55, 5.3.0-5.3.37, 5.6.0 - Unauthorized Sensitive Information Exposure via Front-End Search Index
CVSS 5.3
CVE-2025-51643 LOW
Meitrack T366G-L GPS Tracker Firmware - Unauthenticated Sensitive Information Exposure via SPI Flash Access
CVSS 2.4
CVE-2025-20290 MEDIUM
Cisco NX-OS Software - Info Disclosure
CVSS 5.5
CVE-2025-29992 HIGH
Mahara < 24.04.9 - Unauthenticated Database Connection Information Exposure
CVSS 7.5
CVE-2025-9461 MEDIUM
diyhi bbs < 6.8 - Exposure of Sensitive Information via File Compression Handler
CVSS 4.3
CVE-2025-7426 CRITICAL
MINOVA TTA - Unauthenticated Exposure of FTP Credentials via Debug Port
CVE-2025-9398 MEDIUM
YiFang CMS <2.0.5 - Info Disclosure
CVSS 5.3
CVE-2025-9381 LOW
FNKvision Y215 CCTV Camera - Info Disclosure
CVSS 1.6
Details
Vulnerabilities 10,109
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits