Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-497

CWE-497

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.

333 vulnerabilities with CWE-497

CVE-2025-14712 HIGH

Student Learning Assessment and Support System - Info Disclosure

CVE-2025-43471 MEDIUM

macOS Tahoe <26.1 - Info Disclosure

CVE-2025-43406 MEDIUM

macOS < 26.1 - Unprotected User Data Exposure via Logic Issue

CVE-2025-67717 MEDIUM

ZITADEL 2.44.0-3.4.4 and 4.0.0-rc.1-4.7.1 - Authenticated Sensitive Information Disclosure via Total User Count

CVE-2025-67567 MEDIUM

uixthemes Sober <3.5.11 - Info Disclosure

CVE-2025-67565 MEDIUM

Rehub <= 19.9.9.1 - Sensitive Data Exposure via Embedded Data Retrieval

CVE-2025-67564 MEDIUM

alekv Pixel Manager for WooCommerce <= 1.51.1 - Info Disclosure

CVE-2025-67470 MEDIUM

Essential Plugin Portfolio and Projects <1.5.5 - Info Disclosure

CVE-2025-63070 MEDIUM

Shahjada Download Manager <4.0 - Info Disclosure

CVE-2025-63058 MEDIUM

Hiroaki Miyashita Custom Field Template <= 2.7.4 - Info Disclosure

CVE-2025-63013 MEDIUM

ThimPress WP Hotel Booking <2.2.8 - Info Disclosure

CVE-2025-63009 MEDIUM

yuvalo WP Google Analytics Events <2.8.3 - Info Disclosure

CVE-2025-62737 MEDIUM

opicron Image Cleanup <1.9.3 - Info Disclosure

CVE-2025-62735 MEDIUM

Joel User Spam Remover <1.1 - Info Disclosure

CVE-2025-64061 MEDIUM

Primakon Pi Portal 1.0.18 - Info Disclosure

CVE-2025-36112 MEDIUM

IBM Sterling B2B Integrator & File Gateway <6.2.1.1 - Info Disclosure

CVE-2025-66059 MEDIUM

Seriously Simple Podcasting <3.13.0 - Info Disclosure

CVE-2025-66056 MEDIUM

Uncanny Automator <6.10.0 - Info Disclosure

CVE-2025-36160 MEDIUM

IBM Concert <2.0.0 - Info Disclosure

CVE-2025-13160 MEDIUM

IQ-Support - Unauthenticated Sensitive Information Exposure via API

CVE-2025-64267 MEDIUM

WPSwings WooCommerce Ultimate Points And Rewards <2.10.3 - Info Dis...

CVE-2025-27368 MEDIUM

IBM OpenPages 9.0-9.1 - Info Disclosure

CVE-2025-12779 HIGH

Amazon WorkSpaces client <2024.8 - Info Disclosure

CVE-2025-34283 MEDIUM

Nagios XI <2024R1.4.2 - Info Disclosure

CVE-2025-54459 HIGH

Hospital Manager Backend Services <Sep 19, 2025 - Info Disclosure

Previous Page 5 of 14 Next

Details

Vulnerabilities 333

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy