CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,119 vulnerabilities with CWE-200
CVE-2025-46720 LOW
Keystone < 6.5.0 - Unauthorized Information Exposure via Update and Delete Mutation Filters
CVSS 3.1
CVE-2025-4281 MEDIUM
Shenzhen Sixun Software Sixun Shanghui Group Business Management Sy...
CVSS 4.3
CVE-2025-4271 MEDIUM
TOTOLINK A720R 4.1.5cu.374 - Info Disclosure
CVSS 5.3
CVE-2025-4270 MEDIUM
TOTOLINK A720R 4.1.5cu.374 - Info Disclosure
CVSS 5.3
CVE-2025-4222 MEDIUM
Database Toolset plugin <1.8.4 - Info Disclosure
CVSS 5.9
CVE-2025-46332 MEDIUM
flags < 4.0.0 and @vercel/flags < 4.0.0 - Unauthenticated Exposure of Sensitive Information via Discovery Endpoint
CVSS 6.5
CVE-2025-2880 MEDIUM
Yame | Link In Bio <0.9.0 - Info Disclosure
CVSS 5.3
CVE-2025-46552 MEDIUM
KHC-INVITATION-AUTOMATION <1.2 - Info Disclosure
CVE-2025-24270 MEDIUM
iPadOS < 17.7.6 - Unauthorized Sensitive Information Exposure
CVSS 5.7
CVE-2025-3978 MEDIUM
dazhouda lecms 3.0.3 - Info Disclosure
CVSS 4.3
CVE-2025-3975 MEDIUM
ScriptAndTools eCommerce-website-in-PHP 3.0 - Info Disclosure
CVSS 5.3
CVE-2025-3966 MEDIUM
itwanger paicoding 1.0.3 - Info Disclosure
CVSS 4.3
CVE-2025-32986 HIGH
NETSCOUT nGeniusONE < 6.4.0 - Unauthenticated Sensitive File Exposure
CVSS 7.5
CVE-2025-32983 HIGH
NETSCOUT nGeniusONE < 6.4.0 - Technical Information Disclosure via Stack Trace
CVSS 7.5
CVE-2025-3628 MEDIUM
Moodle 4.5.0-4.5.3 - Unauthenticated Exposure of Sensitive Information via Assignment Search
CVSS 4.3
CVE-2025-32044 HIGH
Moodle 4.5.0-4.5.2 - Unauthenticated Exposure of Sensitive User Data via API Stack Traces
CVSS 7.5
CVE-2025-3923 MEDIUM
Prevent Direct Access - Protect WordPress Files <2.8.8 - Info Discl...
CVSS 5.3
CVE-2025-32958 CRITICAL
Adept < a1a41b7 - Unauthenticated Exposure of GitHub Token via Workflow Artifact
CVSS 9.8
CVE-2025-23174 HIGH
Yoel Geva Android App - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 7.5
CVE-2025-32953 HIGH
z80pack < 1.38 - Unauthenticated Exposure of Sensitive Information via GitHub Actions Artifact
CVSS 8.7
CVE-2025-28235 HIGH
Soundcraft Ui Series - Info Disclosure
CVSS 7.5
CVE-2025-29316 MEDIUM
DataPatrol Screenshot watermark <3.5.2.0 - Info Disclosure
CVSS 6.2
CVE-2025-32789 LOW
EspoCRM < 9.0.7 - Exposure of Sensitive Information via User Password Hash Sorting
CVSS 3.1
CVE-2025-3104 MEDIUM
WP STAGING Pro <6.1.2 - Info Disclosure
CVSS 5.3
CVE-2025-30724 HIGH
Oracle BI Publisher 7.6.0.0.0 and 12.2.1.4.0 - Unauthenticated Exposure of Sensitive Information via XML Services
CVSS 7.5