CWE-209

High likelihood

Generation of Error Message Containing Sensitive Information

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product generates an error message that includes sensitive information about its environment, users, or associated data.

561 vulnerabilities with CWE-209
CVE-2026-2484 MEDIUM
IBM InfoSphere Information Server Information Disclosure
CVSS 4.3
CVE-2026-1262 MEDIUM
IBM InfoSphere Information Server Information Disclosure
CVSS 4.3
CVE-2026-21783 MEDIUM
HCL Traveler is affected by sensitive information disclosure
CVSS 4.3
CVE-2026-4633 LOW
Keycloak: keycloak: user enumeration via differential error messages
CVSS 3.7
CVE-2026-33192 HIGH
free5GC UDM incorrectly returns 500 for empty supi path parameter in PATCH sdm-subscriptions reques
CVE-2026-33065 MEDIUM
free5GC UDM incorrectly returns 500 for empty supi path parameter in DELETE sdm-subscriptions request
CVE-2026-30835 MEDIUM
Parse Server <8.6.7/9.5.0-alpha.6 - Info Disclosure
CVSS 5.3
CVE-2026-29110 LOW
Cryptomator <1.19.0 - Info Disclosure
CVSS 2.2
CVE-2026-2752 MEDIUM
Navtor NavBox 4.12.0.3 and 4.16.2.4 - Unauthenticated Sensitive Information Disclosure via AIS-Data Endpoint
CVSS 5.3
CVE-2026-28675 MEDIUM
OpenSift <1.6.3-alpha - Info Disclosure
CVSS 5.3
CVE-2026-22052 MEDIUM
NetApp ONTAP >= 9.12.1 - Authenticated Information Disclosure via S3 NAS Bucket Directory Listing
CVSS 4.3
CVE-2026-27643 MEDIUM
free5GC UDR <=1.4.1 - Info Disclosure
CVSS 5.3
CVE-2026-27004 MEDIUM
OpenClaw <2026.2.15 - Privilege Escalation
CVSS 5.5
CVE-2026-23598 MEDIUM
HPE Aruba 5G Core - Info Disclosure
CVSS 6.5
CVE-2026-24130 MEDIUM
Moonraker < 0.10.0 - LDAP Injection via Login Endpoint
CVSS 5.3
CVE-2026-1175 MEDIUM
birkir prime < 0.4.0 - Information Exposure via GraphQL Directive Handler Error Message
CVSS 5.3
CVE-2026-22646 MEDIUM
SICK incoming_goods_suite < 1.2.1 - Information Disclosure via Error Message
CVSS 4.3
CVE-2026-20838 MEDIUM
Windows Kernel - Information Disclosure via Error Message
CVSS 5.5
CVE-2025-52611 LOW
HCL iControl was affected by Unhandled Exception - Stack Trace Disclosure vulnerability
CVSS 3.1
CVE-2025-52606 MEDIUM
HCL iControl - Weak Input Validation
CVSS 4.3
CVE-2025-31960 MEDIUM
HCL BigFix Service Management (SM) is vulnerable to information exposure due to improper error handling within its reporting module
CVSS 5.3
CVE-2025-59853 LOW
HCL DFXAnalytics is affected by an Improper Error Handling vulnerability
CVSS 3.1
CVE-2025-52641 LOW
Internal Filesystem Exploration vulnerability
CVSS 2.9
CVE-2025-14243 MEDIUM
Mirror-registry: openshift mirror registry: user enumeration via authentication error messages
CVSS 5.3
CVE-2025-71282 HIGH
XenForo Path Disclosure via open_basedir Exceptions
CVSS 7.5
Details
Vulnerabilities 561
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits