Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-922

CWE-922

Insecure Storage of Sensitive Information

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product stores sensitive information without properly limiting read or write access by unauthorized actors.

373 vulnerabilities with CWE-922

CVE-2026-46511 HIGH

HAXcms: Mass Token Exfiltration and Cross-Tenant Hijack

CVE-2026-5515 MEDIUM

IBM App Connect Enterprise is vulnerable to a confidential disclosure

CVE-2026-7257 MEDIUM

Zyxel WRE6505 v2 firmware V1.00(ABDV.3)C0 - Insecure Storage of Sensitive Information in Configuration File

CVE-2026-40868 HIGH

kyverno apicall servicecall implicit bearer token injection leaks kyverno serviceaccount token

CVE-2026-26152 HIGH

Microsoft Cryptographic Services Elevation of Privilege Vulnerability

CVE-2026-5666 MEDIUM

code-projects Online FIR System SQL Database Backup File complaints.sql sensitive information

CVE-2026-5650 MEDIUM

code-projects Online Application System for Admission oas.sql sensitive information

CVE-2026-33407 CRITICAL

Wallos: SSRF via HTTP Proxy Environment Variable

CVE-2026-20629 MEDIUM

macOS Tahoe <26.3 - Info Disclosure

CVE-2025-32751 MEDIUM

Dell PowerFlex Manager (Appliance) - Insecure Storage of Sensitive Information

CVE-2025-32746 MEDIUM

Dell PowerFlex Manager (Appliance) - Insecure Storage of Sensitive Information

CVE-2025-10734 MEDIUM

ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More <= 2.2.12 - Unauthenticated Sensitive Information Exposure

CVE-2025-10464 MEDIUM

Birtech Senseway <09022026 - Info Disclosure

CVE-2025-70963 HIGH

gophish <= 0.12.1 - Incorrect Access Control and Insecure Storage of Sensitive API Keys

CVE-2025-14376 HIGH

Verve Asset Manager - Info Disclosure

CVE-2025-10971 HIGH

MeetMe <= v2.2.5 - Insecure Storage of Sensitive Information

CVE-2025-12539 CRITICAL

WordPress TNC Toolbox: Web Performance <1.4.2 - Info Disclosure

CVE-2025-61482 HIGH

NetKnights GmbH privacyIDEA Authenticator v.4.3.0 - Auth Bypass

CVE-2025-60856 MEDIUM

Reolink Video Doorbell WiFi DB_566128M5MP_W - RCE

CVE-2025-11645 LOW

Tomofun Furbo Mobile App <7.57.0a - Info Disclosure

CVE-2025-11644 LOW

Furbo 360 Dog Camera Firmware < 036 and Furbo Mini Firmware < 074 - Sensitive Information Exposure via UART Interface

CVE-2025-11639 LOW

Furbo 360 Dog Camera <036 & Mini <074 - Sensitive Information Exposure in Debug Log

CVE-2025-21045 MEDIUM

Galaxy Watch <SMR Oct-2025 Release 1 - Info Disclosure

CVE-2025-35054 MEDIUM

Newforma Info Exchange - Privilege Escalation

CVE-2025-34189 HIGH

Vasion Print <1.0.735-20.0.1330 - Code Injection

Page 1 of 15 Next

Details

Vulnerabilities 373

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy