Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-359

CWE-359

Exposure of Private Personal Information to an Unauthorized Actor

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product does not properly prevent a person's private, personal information from being accessed by actors who either (1) are not explicitly authorized to access the information or (2) do not have the implicit consent of the person about whom the information is collected.

184 vulnerabilities with CWE-359

CVE-2025-53950 MEDIUM

Fortinet FortiDLP Agent - Info Disclosure

CVE-2025-62362 MEDIUM

gpp-burgerportaal <2.0.3, <3.0.2, <4.0.1 - Info Disclosure

CVE-2025-5009 LOW

Google Gemini iOS - Unauthorized Exposure of Private Conversation History via Public Link Sharing

CVE-2025-10859 MEDIUM

Firefox for iOS < 143.1 - Info Disclosure

CVE-2025-59843 MEDIUM

Flag Forge <2.3.2 - Info Disclosure

CVE-2025-43357 LOW

iPadOS < 26.0 - Unprotected User Data Exposure via Fingerprinting

CVE-2025-43310 MEDIUM

macOS < 14.8, < 15.7, < 26 - Unprotected User Data Exposure via Pasteboard

CVE-2025-43301 LOW

macOS Sonoma <14.8 - Info Disclosure

CVE-2025-43279 MEDIUM

macOS < 26.0 - Unprotected User Data Exposure via Log Entry Redaction

CVE-2025-51586 LOW

PrestaShop <8.2.1 - Info Disclosure

CVE-2025-41685 MEDIUM

SMA ennexos.sunnyportal.com < 15.08.2025 - Unauthorized Exposure of Private Personal Information via Email Address

CVE-2025-53765 MEDIUM

Azure App Service on Azure Stack < 102.10.2.11 - Unauthorized Exposure of Private Personal Information

CVE-2025-54125 MEDIUM

XWiki Platform <17.1.0 - Info Disclosure

CVE-2025-54124 MEDIUM

XWiki Platform <17.1.0 - Info Disclosure

CVE-2025-43259 MEDIUM

macOS <15.6-13.7.7 - Info Disclosure

CVE-2025-43227 HIGH

Safari < 18.6 - Unauthorized Exposure of Private Personal Information via Malicious Web Content

CVE-2025-43217 MEDIUM

iPadOS < 17.7.9 and < 18.6 - Unauthorized Exposure of Privacy Indicators

CVE-2025-31276 MEDIUM

iPadOS < 17.7.9 and < 18.6 - Unauthorized Remote Content Loading via Load Remote Images Setting Bypass

CVE-2025-53625 HIGH

DynamicPageList3 < 3.6.4 - Exposure of Hidden Usernames via DPL Parameters

CVE-2025-53374 MEDIUM

dokploy < 0.23.7 - Authenticated Exposure of Private Personal Information via user.one Endpoint

CVE-2025-6017 MEDIUM

Red Hat Advanced Cluster Management <2.10.7-2.12.4 - Info Disclosure

CVE-2025-49715 HIGH

Dynamics 365 FastTrack Implementation Assets - Info Disclosure

CVE-2025-49134 MEDIUM

Weblate < 5.12 - Unauthorized Exposure of User IP Address in Audit Log Notifications

CVE-2025-5334 HIGH

Devolutions Remote Desktop Manager < 2025.1.34.0 - Unauthorized Access to Private Information via User Vaults

CVE-2025-0679 MEDIUM

GitLab CE/EE <17.10.7-18.0.1 - Info Disclosure

Previous Page 3 of 8 Next

Details

Vulnerabilities 184

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy