Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-204

CWE-204

Observable Response Discrepancy

Parent: CWE-203 - Observable Discrepancy

The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.

157 vulnerabilities with CWE-204

CVE-2026-26744 MEDIUM

FormaLMS < 4.1.18 - Unauthenticated User Enumeration via Password Recovery Response Discrepancy

CVE-2026-25509 MEDIUM

Ci4-cms-erp Ci4ms < 0.28.5.0 - Information Disclosure

CVE-2026-24664 MEDIUM

Open eClass Platform < 4.2 - Unauthenticated Username Enumeration via Login Response Analysis

CVE-2026-24332 MEDIUM

Discord through 2026-01-16 - Information Disclosure via WebSocket API Response

CVE-2026-23511 MEDIUM

ZITADEL <4.9.1, 3.4.6 - Info Disclosure

CVE-2026-21484 MEDIUM

AnythingLLM <e287fab56089cf8fcea9ba579a3ecdeca0daa313 - Info Disclo...

CVE-2025-67807 MEDIUM

Sage DPW <2021_06_000 - Info Disclosure

CVE-2025-67806 LOW

Sage DPW <2021_06_000 - Info Disclosure

CVE-2025-3716 MEDIUM

User enumeration in ESET Protect (on-prem)

CVE-2025-69243 MEDIUM

User enumeration in Raytha CMS

CVE-2025-13460 MEDIUM

IBM Aspera Console Information Disclosure

CVE-2025-12455 HIGH

OpenText Vertica 10.0-12.X - Password Brute Force

CVE-2025-62512 MEDIUM

Piwigo 15.0.0-15.5.0 - Unauthenticated User Enumeration via Password Reset Endpoint

CVE-2025-69413 MEDIUM

Gitea < 1.25.2 - Username Enumeration via API Authentication Response Discrepancy

CVE-2025-67874 MEDIUM

ChurchCRM < 6.5.0 - Plaintext Password Exposure in HTTP Responses

CVE-2025-62181 MEDIUM

Pega Platform <25.1.0 - Info Disclosure

CVE-2025-67500 LOW

Mastodon <4.2.27, <4.3.0-beta.1-4.3.14, <4.4.0-beta.1-4.4.9, <4.5.0...

CVE-2025-40806 MEDIUM

Gridscale X Prepay <V4.2.1 - Info Disclosure

CVE-2025-65899 MEDIUM

Kalmia 0.2.0 - Unauthenticated User Enumeration via Authentication Error Messages

CVE-2025-12994 MEDIUM

Medtronic CareLink Network <December 4, 2025 - Info Disclosure

CVE-2025-66307 MEDIUM

Grav <1.11.0-beta.1 - Info Disclosure

CVE-2025-59116 MEDIUM

Windu CMS 4.1 - User Enumeration via Login Error Message Discrepancy

CVE-2025-25236 MEDIUM

Omnissa Workspace ONE UEM - Info Disclosure

CVE-2025-62236 MEDIUM

Frontier Airlines - Info Disclosure

CVE-2025-34155 MEDIUM

Tibbo AggreGate Network Manager < 6.40.05 - Info Disclosure

Previous Page 2 of 7 Next

Details

Vulnerabilities 157

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy