Fallos del tipo CWE-200
3937 resultadosCVE-2026-5266LOWExposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation Echo.
This vulnerability is associated wiEPSS 0.2%CVE-2026-54396MEDIUMMISP AuthKey edit endpoint allows authenticated user email enumerationEPSS 0.2%CVE-2026-1060MEDIUMWP Adminify <= 4.0.7.7 - Unauthenticated Sensitive Information Exposure via 'get-addons-list' REST APIEPSS 0.2%CVE-2026-9912MEDIUMInappropriate implementation in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensEPSS 0.2%CVE-2026-11182MEDIUMInappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafteEPSS 0.2%CVE-2024-52589LOWModerators can view Screened emails even when the “moderators view emails” option is disabled in DiscourseEPSS 0.2%CVE-2025-40941MEDIUMA vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected devices exposes server information in its respoEPSS 0.2%CVE-2025-20379LOWRisky command safeguards bypass using the “/services/streams/search“ REST endpoint through “q“ parameter in Splunk EnterpriseEPSS 0.2%CVE-2025-62400MEDIUMMoodle: hidden group names visible to event creatorsEPSS 0.2%CVE-2025-11196MEDIUMExternal Login <= 1.11.2 - Authenticated (Subscriber+) Sensitive Data Exposure via Test ConnectionEPSS 0.2%CVE-2026-49187HIGHHard-coded APK Resource Credentials & SceptersEPSS 0.2%CVE-2025-51643LOWMeitrack T366G-L GPS Tracker devices contain an SPI flash chip (Winbond 25Q64JVSIQ) that is accessible without authentication or tamper protEPSS 0.2%CVE-2025-11983MEDIUMWP Discourse <= 2.5.9 - Authenticated (Author+) Information ExposureEPSS 0.2%CVE-2025-24262MEDIUMA privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.4. A sandboxed aEPSS 0.2%CVE-2026-23743MEDIUMDiscourse allows permalinks to restricted resources to leak resource slugs to unauthorized usersEPSS 0.2%CVE-2026-50210MEDIUMWeak Static Cryptographic Initialization VectorsEPSS 0.2%CVE-2024-28238LOWSession Token in URL in directusEPSS 0.2%CVE-2026-49193HIGHPublicly Readable AWS S3 Telemetry BucketsEPSS 0.2%CVE-2021-3585—A flaw was found in openstack-tripleo-heat-templates. Plain passwords from RHSM exist in the logs during OSP13 deployment with subscription-EPSS 0.2%CVE-2025-26709MEDIUMUnauthorized Access Vulnerability in ZTE F50EPSS 0.2%