CVE-2026-40584
HIGHRansomLook - Improper Filtering of Private Location Entries in API Endpoints Leads to Information Exposure
Title source: cnaDescription
RansomLook is a tool to monitor Ransomware groups and markets and extract their victims. Prior to 1.9.0, the API in the affected application improperly filters private location entries in website/web/api/genericapi.py. Because the code removes elements from a list while iterating over it, entries marked as private may be unintentionally retained in API responses, allowing unauthorized disclosure of non-public location information. This vulnerability is fixed in 1.9.0.
References (2)
Core 2
Core References
X_Refsource_Confirm x_refsource_confirm
https://github.com/RansomLook/RansomLook/security/advisories/GHSA-hv66-vcqc-v87c
X_Refsource_Misc x_refsource_misc
https://vulnerability.circl.lu/vuln/gcve-1-2026-0025
Scores
CVSS v3
7.5
EPSS
0.0028
EPSS Percentile
19.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-200
Status
published
Products (2)
ransomlook/ransomlook
< 1.9.0
RansomLook/RansomLook
< 1.9.0
Published
Apr 21, 2026
Tracked Since
Apr 21, 2026