CWE-209

High likelihood

Generation of Error Message Containing Sensitive Information

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product generates an error message that includes sensitive information about its environment, users, or associated data.

561 vulnerabilities with CWE-209
CVE-2025-40760 MEDIUM
Altair Grid Engine < V2026.0.0 - Info Disclosure
CVSS 5.5
CVE-2025-61959 MEDIUM
Hospital Manager Backend Services < 2025-09-19 - Sensitive Information Disclosure via WebResource.axd
CVSS 5.3
CVE-2025-12365 MEDIUM
BLU-IC2 and BLU-IC4 Firmware <= 1.19.5 - Sensitive Information Exposure via HTTP Header Error Messages
CVSS 5.3
CVE-2025-62397 MEDIUM
moodle 5.0.0-5.0.3 - Information Disclosure via Invalid Course ID Error Response
CVSS 5.3
CVE-2025-62168 CRITICAL
Squid < 7.2 - Information Disclosure via HTTP Authentication Credential Leak in Error Handling
CVSS 10.0
CVE-2025-55676 MEDIUM
Windows USB Video Driver - Info Disclosure
CVSS 5.5
CVE-2025-31998 LOW
HCL Unica Centralized Offer Management < 25.1.0.1 - Information Disclosure via Unhandled Exception
CVSS 3.5
CVE-2025-54291 MEDIUM
Canonical LXD < 5.21.4 - Unauthenticated Information Disclosure via Images API
CVSS 5.3
CVE-2025-26333 MEDIUM
Dell BSAFE Crypto-J 6.0-6.3.0 - Information Exposure via Error Message
CVSS 5.9
CVE-2025-53803 MEDIUM
Windows 10/11, Server 2012/2016 - Kernel Error Message Info Disclosure
CVSS 5.5
CVE-2025-43776 MEDIUM
Liferay DXP 2024.Q1.1-2024.Q1.19 Authenticated Stored XSS via Custom Object Field Label
CVSS 5.4
CVE-2025-59016 MEDIUM
TYPO3 CMS 9.0.0-13.4.17 - Authenticated Sensitive Information Disclosure
CVSS 4.3
CVE-2025-43777 MEDIUM
Liferay Portal 7.4.0-7.4.3.132 & DXP 2024.Q1.1-2024.Q1.19 - Information Disclosure via Deleted Client Secret
CVSS 5.3
CVE-2025-48562 MEDIUM
Android - Local Information Disclosure via RemotePrintDocument Logic Error
CVSS 5.0
CVE-2025-22421 MEDIUM
Android - Local Information Disclosure via Notification Content Leak
CVSS 5.5
CVE-2025-36003 HIGH
IBM Security Verify Governance Identity Manager 10.0.2 - Sensitive Information Exposure via Detailed Error Messages
CVSS 7.5
CVE-2025-9229 MEDIUM
MiR Robots < 3.0.0 - Unauthenticated Information Disclosure via Verbose Error Pages
CVSS 5.3
CVE-2025-52619 MEDIUM
HCL BigFix SaaS < 8.1.14 - Sensitive Information Disclosure in Authentication Service Error Messages
CVSS 5.3
CVE-2025-9005 LOW
mtons mblog < 3.5.0 - Information Exposure via Error Message in Registration Endpoint
CVSS 3.7
CVE-2025-54791 MEDIUM
OMERO.web < 5.29.2 - Information Disclosure via Forgot Password Error Message
CVSS 5.3
CVE-2025-8852 MEDIUM
WukongCRM 11.0 - Information Exposure via API Response Handler Error Message
CVSS 4.3
CVE-2025-23320 HIGH
NVIDIA Triton Inference Server < 25.07 - Information Disclosure via Python Backend Shared Memory Exhaustion
CVSS 7.5
CVE-2025-46658 CRITICAL
4C Strategies Exonaut <21.6 - Info Disclosure
CVSS 9.8
CVE-2025-8548 LOW
pybbs < 6.0.0 - Information Exposure via Email Error Message
CVSS 3.7
CVE-2025-47813 MEDIUM KEV
Wing FTP Server < 7.4.4 - Information Disclosure via UID Cookie
CVSS 4.3
Details
Vulnerabilities 561
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits