CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,109 vulnerabilities with CWE-200
CVE-2025-33051 HIGH
Microsoft Exchange Server - Info Disclosure
CVSS 7.5
CVE-2025-27707 LOW
Edge Orchestrator <24.11.1 - Info Disclosure
CVSS 2.6
CVE-2025-3831 HIGH
Harmony SASE - Exposure of Sensitive Information via Log File Upload
CVSS 8.1
CVE-2025-40768 HIGH
SINEC Traffic Analyzer < 3.0 - Unauthorized Access via Exposed Internal Service Port
CVSS 7.3
CVE-2025-4390 MEDIUM
WP Private Content Plus <3.6.2 - Info Disclosure
CVSS 5.3
CVE-2025-8866 MEDIUM
YugabyteDB Anywhere - Info Disclosure
CVE-2025-8852 MEDIUM
WukongCRM 11.0 - Information Exposure via API Response Handler Error Message
CVSS 4.3
CVE-2025-55009 HIGH
AuthKit library <0.14.1 - Info Disclosure
CVSS 7.1
CVE-2025-55008 HIGH
AuthKit library for React Router <0.7.0 - Info Disclosure
CVSS 7.1
CVE-2025-8738 MEDIUM
zlt2000 microservices-platform <6.0.0 - Info Disclosure
CVSS 5.3
CVE-2025-54786 MEDIUM
SuiteCRM 7.14.6 and 8.8.0 - Unauthenticated Meeting Data Access via Legacy iCal Service
CVSS 5.3
CVE-2025-46659 HIGH
4C Strategies Exonaut <21.6 - Info Disclosure
CVSS 7.5
CVE-2025-38746 LOW
Dell SupportAssist OS Recovery < 5.5.14.0 - Unauthenticated Information Disclosure
CVSS 3.5
CVE-2025-30127 CRITICAL
Marbella KR8s Dashcam FF <2.0.8 - Info Disclosure
CVSS 9.8
CVE-2025-51040 HIGH
Electrolink FM/DAB/TV - Unauthorized Access
CVSS 7.5
CVE-2025-46388 MEDIUM
Product <Version> - Info Disclosure
CVSS 4.3
CVE-2025-8620 MEDIUM
GiveWP - Donation Plugin and Fundraising Platform <= 4.6.0 - Unauthenticated Exposure of Sensitive Donor Information
CVSS 5.3
CVE-2025-54615 MEDIUM
HarmonyOS - Exposure of Sensitive Information via Media Library Module
CVSS 6.2
CVE-2025-29745 HIGH
Emsisoft Anti-Malware <2024.12 - Info Disclosure
CVSS 7.5
CVE-2025-8548 LOW
pybbs < 6.0.0 - Information Exposure via Email Error Message
CVSS 3.7
CVE-2025-8525 MEDIUM
Exrick xboot < 3.3.4 - Information Disclosure in Spring Boot Admin/Spring Actuator
CVSS 5.3
CVE-2025-8519 LOW
vvveb < 1.0.6 - Information Disclosure via Drag-and-Drop Editor URL Parameter
CVSS 2.7
CVE-2025-8515 LOW
Intelbras InControl 2.21.60.9 - Exposure of Sensitive Information via /v1/operador/ JSON Endpoint
CVSS 3.1
CVE-2025-23290 LOW
NVIDIA GPU Display Drivers R535-R570 - Information Disclosure via Virtual GPU Manager
CVSS 2.5
CVE-2025-6722 MEDIUM
BitFire Security <= 4.5 - Unauthenticated Sensitive Information Exposure via Unrestricted bitfire_* Directory
CVSS 5.3
Details
Vulnerabilities 10,109
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits