Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-203

CWE-203

Observable Discrepancy

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.

733 vulnerabilities with CWE-203

CVE-2026-11289 MEDIUM

Google Chrome - Improper Protection of Physical Side Channels

CVE-2026-11284 MEDIUM

Google Chrome - Improper Protection of Physical Side Channels

CVE-2026-45294 MEDIUM

FreeScout: User Account Enumeration via Password Reset Response Differentiation

CVE-2026-45410 MEDIUM

Time-based user enumeration in TREK authentication endpoint

CVE-2026-8242 LOW

Industrial Application Software IAS Canias ERP Login RMI doAction response discrepancy

CVE-2026-41588 CRITICAL

RELATE: Timing Attack Vulnerability in course/auth.py — check_sign_in_key()

CVE-2026-44263 MEDIUM

Weblate: Private Translation Enumeration via Screenshot API

CVE-2026-26895 MEDIUM

osTicket < 1.18.3 - User Enumeration via Password Reset Endpoint

CVE-2026-33429 MEDIUM

Parse Server: Protected field change detection oracle via LiveQuery watch parameter

CVE-2026-33425 MEDIUM

Discourse has inferable private group membership or existence via exclude_groups parameter

CVE-2026-3580 LOW

Compiler-induced timing leak in sp_256_get_entry_256_9 on RISC-V

CVE-2026-3579 LOW

Non-constant time multiplication subroutine __muldi3 on RISC-V RV32I

CVE-2026-28490 MEDIUM

Authlib Vulnerable to JWE RSA1_5 Bleichenbacher Padding Oracle

CVE-2026-21386 MEDIUM

Private channel enumeration via /mute slash command

CVE-2026-4045 LOW

projectsend r1945 - Info Disclosure

CVE-2026-4040 LOW

OpenClaw <2026.2.17 - Info Disclosure

CVE-2026-26315 HIGH

go-ethereum <1.16.9 - Info Disclosure

CVE-2026-23621 MEDIUM

GFI MailEssentials AI <22.4 - Info Disclosure

CVE-2026-23620 MEDIUM

GFI MailEssentials AI <22.4 - Info Disclosure

CVE-2026-26185 MEDIUM

Directus < 11.14.1 - Timing-Based User Enumeration via Password Reset

CVE-2026-25562 MEDIUM

WeKan < 8.19 - Unauthorized Attachment Metadata Exposure via Attachments Publication

CVE-2026-25509 MEDIUM

Ci4-cms-erp Ci4ms < 0.28.5.0 - Information Disclosure

CVE-2026-23849 MEDIUM

File Browser <2.55.0 - Info Disclosure

CVE-2026-23519 CRITICAL

RustCrypto CMOV <0.4.4 - Info Disclosure

CVE-2026-21484 MEDIUM

AnythingLLM <e287fab56089cf8fcea9ba579a3ecdeca0daa313 - Info Disclo...

Page 1 of 30 Next

Details

Vulnerabilities 733

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy