CWE-209

High likelihood

Generation of Error Message Containing Sensitive Information

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product generates an error message that includes sensitive information about its environment, users, or associated data.

540 vulnerabilities with CWE-209
CVE-2026-40969 LOW
Spring gRPC AuthenticationException message reflected to remote client
CVSS 3.7
CVE-2026-3259 HIGH
Sensitive Data Disclosure in BigQuery via Materialized View Error Messages
CVE-2026-40245 HIGH
Free5GC: UDR nudr-dr influenceData/subs-to-notify leaks SUPI in error response body without authentication
CVSS 7.5
CVE-2026-29146 HIGH
Apache Tomcat: EncryptInterceptor vulnerable to padding oracle attack by default
CVSS 7.5
CVE-2026-24511 MEDIUM
Dell PowerScale OneFS < 9.10.1.7 or later - Information Disclosure
CVSS 4.4
CVE-2026-34045 HIGH
Podman Desktop WebView Server Exposed
CVSS 8.2
CVE-2026-4994 LOW
wandb OpenUI APIStatusError server.py generic_exception_handler information exposure
CVSS 3.5
CVE-2026-28786 MEDIUM
Open WebUI vulnerable to Path Traversal in `POST /api/v1/audio/transcriptions`
CVSS 4.3
CVE-2026-2484 MEDIUM
IBM InfoSphere Information Server Information Disclosure
CVSS 4.3
CVE-2026-1262 MEDIUM
IBM InfoSphere Information Server Information Disclosure
CVSS 4.3
CVE-2026-21783 MEDIUM
HCL Traveler is affected by sensitive information disclosure
CVSS 4.3
CVE-2026-4633 LOW
Keycloak: keycloak: user enumeration via differential error messages
CVSS 3.7
CVE-2026-33192 HIGH
free5GC UDM incorrectly returns 500 for empty supi path parameter in PATCH sdm-subscriptions reques
CVE-2026-33065 MEDIUM
free5GC UDM incorrectly returns 500 for empty supi path parameter in DELETE sdm-subscriptions request
CVE-2026-30835 MEDIUM
Parse Server <8.6.7/9.5.0-alpha.6 - Info Disclosure
CVSS 5.3
CVE-2026-29110 LOW
Cryptomator <1.19.0 - Info Disclosure
CVSS 2.2
CVE-2026-2752 MEDIUM
Navtor NavBox - Info Disclosure
CVSS 5.3
CVE-2026-28675 MEDIUM
OpenSift <1.6.3-alpha - Info Disclosure
CVSS 5.3
CVE-2026-22052 MEDIUM
ONTAP >=9.12.1 - Info Disclosure
CVSS 4.3
CVE-2026-27643 MEDIUM
free5GC UDR <=1.4.1 - Info Disclosure
CVSS 5.3
CVE-2026-27004 MEDIUM
OpenClaw <2026.2.15 - Privilege Escalation
CVSS 5.5
CVE-2026-26957 MEDIUM
Libredesk <1.0.2-0.20260215211005-727213631ce6 - SSRF
CVE-2026-23598 MEDIUM
HPE Aruba 5G Core - Info Disclosure
CVSS 6.5
CVE-2026-24130 MEDIUM
Moonraker <0.9.3 - LDAP Injection
CVSS 5.3
CVE-2026-1175 MEDIUM
Birkir Prime < 0.4.0 - Information Disclosure
CVSS 5.3
Details
Vulnerabilities 540
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits