CWE-204

Observable Response Discrepancy

Parent: CWE-203 - Observable Discrepancy

The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.

148 vulnerabilities with CWE-204
CVE-2026-34319 MEDIUM
Oracle Corporation MySQL Shell < 8.0.45 - Denial of Service
CVSS 5.0
CVE-2026-24468 MEDIUM
OpenAEV Vulnerable to Username/Email Enumeration Through Differential HTTP Responses in Password Reset API
CVSS 5.3
CVE-2026-40485 MEDIUM
ChurchCRM: Username Enumeration via Differential Response in Public Login API
CVSS 5.3
CVE-2026-34264 MEDIUM
Information Disclosure vulnerability in SAP Human Capital Management for SAP S/4HANA
CVSS 6.5
CVE-2026-4113 HIGH
SonicWall SMA1000 <12.4.3-03245 - Info Disclosure
CVSS 7.2
CVE-2026-39851 MEDIUM
Saleor has a user enumeration vulnerability due to different error messages
CVSS 4.3
CVE-2026-33419 HIGH
MinIO: LDAP login brute-force via user enumeration and missing rate limit
CVSS 7.5
CVE-2026-33323 MEDIUM
Parse Server: Email verification resend page leaks user existence
CVSS 5.3
CVE-2026-33688 MEDIUM
AVideo has Pre-Captcha User Enumeration and Account Status Disclosure in Password Recovery Endpoint
CVSS 5.3
CVE-2026-30876 MEDIUM
Chamilo LMS: User enumeration vulnerability via response
CVSS 5.3
CVE-2026-2859 MEDIUM
Checkmk 2.4.0-2.4.0p22/2.3.0-2.3.0p42 - Info Disclosure
CVSS 4.3
CVE-2026-24097 MEDIUM
Checkmk 2.4.0-2.4.0p22, 2.3.0-2.3.0p42 - Info Disclosure
CVSS 4.3
CVE-2026-4045 LOW
projectsend r1945 - Info Disclosure
CVSS 3.7
CVE-2026-31901 MEDIUM
Parse Server <8.6.34/9.6.0-alpha.8 - Info Disclosure
CVSS 5.3
CVE-2026-31888 MEDIUM
Shopware <6.7.8.1/6.6.10.15 - Info Disclosure
CVSS 5.3
CVE-2026-28358 MEDIUM
NocoDB <0.301.3 - Info Disclosure
CVSS 5.3
CVE-2026-28288 MEDIUM
Dify <1.9.0 - Info Disclosure
CVSS 5.3
CVE-2026-25138 MEDIUM
Rucio <35.8.3/<38.5.4/<39.3.1 - Info Disclosure
CVSS 5.3
CVE-2026-27480 MEDIUM
Static Web Server 2.1.0-2.40.1 - Auth Bypass
CVSS 5.3
CVE-2026-26744 MEDIUM
FormaLMS <4.1.18 - Info Disclosure
CVSS 5.3
CVE-2026-25509 MEDIUM
Ci4-cms-erp Ci4ms < 0.28.5.0 - Information Disclosure
CVSS 5.3
CVE-2026-24664 MEDIUM
Open eClass <4.2 - Info Disclosure
CVSS 5.3
CVE-2026-24332 MEDIUM
Discord - Info Disclosure
CVSS 4.3
CVE-2026-23511 MEDIUM
ZITADEL <4.9.1, 3.4.6 - Info Disclosure
CVSS 5.3
CVE-2026-21484 MEDIUM
AnythingLLM <e287fab56089cf8fcea9ba579a3ecdeca0daa313 - Info Disclo...
CVSS 5.3
Details
Vulnerabilities 148
Links
MITRE CWE Entry Search this CWE With Exploits