Weaknesses of type CWE-200
3,933 resultsCVE-2026-29108MEDIUMAuthenticated SuiteCRM Users Can Retrieve The Password Hash of Any UserEPSS 0.3%CVE-2024-45391HIGHTina search token leak via lock file in TinaCMSEPSS 0.3%CVE-2025-15103HIGHDVP-12SE11T - Authentication Bypass via Partial Password DisclosureEPSS 0.3%CVE-2025-67732HIGHDify Vulnerable to Plaintext API Key Exposure via Model Provider Configuration EndpointEPSS 0.3%CVE-2026-5413MEDIUMNewgen OmniDocs GetWebApiConfiguration information disclosureEPSS 0.3%CVE-2023-34242LOWCilium vulnerable to information leakage via incorrect ReferenceGrant handlingEPSS 0.3%CVE-2021-41181LOWNextcloud Talk app exposes chat messages on lockscreenEPSS 0.3%CVE-2025-49653HIGHExposure of sensitive Information allows account takeoverEPSS 0.3%CVE-2025-15508MEDIUMMagic Import Document Extractor <= 1.0.6 - Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2025-24244MEDIUMThe issue was addressed with improved memory handling. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, mEPSS 0.3%CVE-2026-26326MEDIUMOpenClaw skills.status could leak secrets to operator.read clientsEPSS 0.3%CVE-2021-32658MEDIUMSensitive data may not be removed from storage on account removalEPSS 0.3%CVE-2023-48335LOWWordPress Hide login page plugin <= 1.1.9 - Secret Login Page Location Disclosure on Multisites vulnerabilityEPSS 0.3%CVE-2023-47818LOWWordPress LWS Hide Login plugin <= 2.1.8 - Secret Login Page Location Disclosure on Multisites vulnerabilityEPSS 0.3%CVE-2026-49269HIGHApple M1 GPUs retain register file data between compute shader dispatches from different processes. A sandboxed Metal attacker app can run aEPSS 0.3%CVE-2023-49822LOWWordPress Ultimate Dashboard plugin <= 3.7.10 - Secret Login Page Location Disclosure on Multisites vulnerabilityEPSS 0.3%CVE-2022-0851—There is a flaw in convert2rhel. When the --activationkey option is used with convert2rhel, the activation key is subsequently passed to subEPSS 0.3%CVE-2023-49748LOWWordPress WPS Hide Login plugin <= 1.9.11 - Secret Login Page Location Disclosure on Multisites vulnerabilityEPSS 0.3%CVE-2024-21064MEDIUMVulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Analytics Web Answers). SupporEPSS 0.3%CVE-2026-32814MEDIUMlibheif: Uninitialized Heap Memory Information Leak via Failed Grid TilesEPSS 0.3%