Weaknesses of type CWE-200
3,933 resultsCVE-2025-3923MEDIUMPrevent Direct Access – Protect WordPress Files <= 2.8.8 - Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2026-1197LOWMineAdmin downloadById information disclosureEPSS 0.3%CVE-2026-8966HIGHInformation disclosure in the IP Protection componentEPSS 0.3%CVE-2026-8967HIGHInformation disclosure in the Graphics: WebGPU componentEPSS 0.3%CVE-2026-35449MEDIUMWWBN AVideo has Unauthenticated Information Disclosure via Disabled CLI Guard in install/test.phpEPSS 0.3%CVE-2026-6728MEDIUMSlider Revolution <= 7.0.9 - Unauthenticated Sensitive Information Exposure via 'sliders/stream'EPSS 0.3%CVE-2025-52493MEDIUMPagerDuty Runbook through 2025-06-12 exposes stored secrets directly in the webpage DOM at the configuration page. Although these secrets apEPSS 0.3%CVE-2025-9461MEDIUMdiyhi bbs File Compression FilePackageManageAction.java information disclosureEPSS 0.3%CVE-2026-55450CRITICALLangflow: Unauthenticated file upload leads to DoS (space exhaustion) and information leakEPSS 0.3%CVE-2024-28188MEDIUMjupyter-scheduler's endpoint is missing authenticationEPSS 0.3%CVE-2026-12120MEDIUMFireBox Popups <= 3.1.7 - Unauthenticated Sensitive Information Exposure in 'form_id' ParameterEPSS 0.3%CVE-2025-3403MEDIUMVivotek NVR ND8422P/NVR ND9525P/NVR ND9541P HTML Form sensitive information in sourceEPSS 0.3%CVE-2024-12340MEDIUMAnimation Addons for Elementor <= 1.1.6 - Authenticated (Contributor+) Sensitive Information Exposure via Content Slider and Tabs Widget Elementor TemplateEPSS 0.3%CVE-2025-20207MEDIUMCisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure VulnerabilityEPSS 0.3%CVE-2024-41698MEDIUMPriority – CWE-200: Exposure of Sensitive Information to an Unauthorized ActorEPSS 0.3%CVE-2026-34305HIGHVulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affeEPSS 0.3%CVE-2026-2268HIGHNinja Forms <= 3.14.0 - Unauthenticated Information Disclosure in nf_ajax_submit AJAX ActionEPSS 0.3%CVE-2025-15381HIGHUnauthorized Access to Tracing and Assessment Endpoints in mlflow/mlflowEPSS 0.3%CVE-2026-1267MEDIUMIBM Planning Analytics Information DisclosureEPSS 0.3%CVE-2025-11997MEDIUMDocument Pro Elementor – Documentation & Knowledge Base <= 1.0.9 - Unauthenticated Information ExposureEPSS 0.3%