Weaknesses of type CWE-200
3,943 resultsCVE-2026-11209MEDIUMInappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the rendererEPSS 0.2%CVE-2025-30451MEDIUMThis issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.4. An app may be able to EPSS 0.2%CVE-2022-23157MEDIUMWyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. A authenticated malicious user could potentialEPSS 0.2%CVE-2026-11271MEDIUMInappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage iEPSS 0.2%CVE-2024-40842MEDIUMAn issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15. An app may be able to accEPSS 0.2%CVE-2026-11180MEDIUMInappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafteEPSS 0.2%CVE-2026-31262MEDIUMCross Site Scripting vulnerability in Altenar Sportsbook Software Platform (SB2) v.2.0 allows a remote attacker to obtain sensitive informatEPSS 0.2%CVE-2026-27481MEDIUMDiscourse: Hidden tag visibility bypass on tag routesEPSS 0.2%CVE-2026-14096MEDIUMInappropriate implementation in Input in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the rEPSS 0.2%CVE-2026-11203MEDIUMInappropriate implementation in GPU in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via aEPSS 0.2%CVE-2026-14098MEDIUMInappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafteEPSS 0.2%CVE-2026-8405MEDIUMIBM Guardium Data Protection is affected by Exposure of Sensitive Information vulnerabilityEPSS 0.2%CVE-2026-20164MEDIUMSensitive Information Disclosure through Improper Access Control in Splunk EnterpriseEPSS 0.2%CVE-2026-42865LOWInbox Zero: Cross-account cleaner email stream exposureEPSS 0.2%CVE-2026-27162MEDIUMDIscourse doesn't prevent whispers to leak in excerptsEPSS 0.2%CVE-2026-34093LOWSpecial:UserRights allows viewing user rights from private wikiEPSS 0.2%CVE-2026-4409MEDIUMSubscribe To Comments Reloaded <= 240119 - Improper Authorization to Unauthenticated Arbitrary Subscription ManagementEPSS 0.2%CVE-2025-20624MEDIUMExposure of sensitive information to an unauthorized actor for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow aEPSS 0.2%CVE-2021-4135—A memory leak vulnerability was found in the Linux kernel's eBPF for the Simulated networking device driver in the way user uses BPF for theEPSS 0.2%CVE-2025-43215MEDIUMThe issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted image may result iEPSS 0.2%