Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-359

CWE-359

Exposure of Private Personal Information to an Unauthorized Actor

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product does not properly prevent a person's private, personal information from being accessed by actors who either (1) are not explicitly authorized to access the information or (2) do not have the implicit consent of the person about whom the information is collected.

184 vulnerabilities with CWE-359

CVE-2025-65857 HIGH

Xiongmai XM530 IP cameras - Info Disclosure

CVE-2025-13008 HIGH

M-Files Server <25.12.15491.7, 25.8, 25.2, 24.8 - Info Disclosure

CVE-2025-1030 HIGH

Utarit Informatics Services Inc. SoliClub <5.3.7 - Info Disclosure

CVE-2025-34441 HIGH

AVideo < 20.1 - Unauthenticated Exposure of Sensitive User Information via Public API

CVE-2025-10450 HIGH

RTI Connext Professional - Info Disclosure

CVE-2025-0969 MEDIUM

Brizy - Page Builder <2.7.16 - Info Disclosure

CVE-2025-66510 MEDIUM

Nextcloud Server <32.0.1 - Info Disclosure

CVE-2025-66027 MEDIUM

rallly < 4.5.6 - Unauthenticated Information Disclosure via API Endpoint

CVE-2025-66035 HIGH

Angular <19.2.16, 20.3.14, 21.0.1 - XSS

CVE-2025-12536 MEDIUM

WordPress SureForms <1.13.2 - Info Disclosure

CVE-2025-11959 HIGH

Premierturk Information Technologies Inc. Excavation Management Inf...

CVE-2025-36131 MEDIUM

IBM Db2 11.1.0-11.1.4.7, 11.5.0-11.5.9, 12.1.0-12.1.3 - Exposure of Private Personal Information via clpplus Command

CVE-2025-52602 MEDIUM

HCL BigFix Query < 43 - Sensitive Information Disclosure via WebUI Query Endpoint

CVE-2025-43500 HIGH

iPadOS < 26.1 - Unprotected User Data Exposure via Privacy Issue

CVE-2025-43496 HIGH

iPadOS < 26.1 - Unauthorized Exposure of Private Personal Information via Remote Content Loading

CVE-2025-43469 MEDIUM

macOS < 14.8.2, < 15.7.2, < 26.1 - Unprotected User Data Exposure via Permissions Issue

CVE-2025-43452 MEDIUM

iPadOS < 26.1 - Unauthorized Exposure of Sensitive Information via Lock Screen Keyboard Suggestions

CVE-2025-43439 MEDIUM

iOS <18.7.2 & iPadOS <18.7.2 - Info Disclosure

CVE-2025-43409 MEDIUM

macOS <15.7.2 & <26.1 - Info Disclosure

CVE-2025-43405 HIGH

macOS < 14.8.2, < 15.7.2, < 26.1 - Unprotected User Data Exposure via Permissions Issue

CVE-2025-43399 HIGH

macOS < 15.7.2 - Unprotected User Data Exposure via Sensitive Information Redaction

CVE-2025-43389 MEDIUM

iPadOS < 26.1 - Unauthorized Access to Sensitive User Data

CVE-2025-11145 HIGH

CBK Soft Software Hardware Electronic Computer Systems Industry and...

CVE-2025-35981 MEDIUM

Command Centre Server <9.30.1874, <9.20.2337, <9.10.3194 - Info Dis...

CVE-2025-62644 MEDIUM

Restaurant Brands International RBI - Info Disclosure

Previous Page 2 of 8 Next

Details

Vulnerabilities 184

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy