CWE-200 (Information Exposure) — Vulnerability Class 2723

2723 vulnerabilities classified as CWE-200 (Information Exposure). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-28434 | cpp-httplib's default exception handler leaks e.what() to clients via EXCEPTION_WHAT response header — cpp-httplib | 5.3 | Medium | 2026-03-04 |
| CVE-2026-3058 | Seraphinite Accelerator <= 2.28.14 - Authenticated (Subscriber+) Exposure of Sensitive Information to an Unauthorized Actor — Seraphinite Accelerator | 4.3 | Medium | 2026-03-04 |
| CVE-2026-2747 | PGP Mixed Plaintext and Encrypted Content — Secure Email Gateway | 5.3 (AI) | Medium (AI) | 2026-03-04 |
| CVE-2026-1980 | WPBookit <= 1.0.8 - Missing Authorization to Unauthenticated Sensitive Customer Data Exposure — WPBookit | 5.3 | Medium | 2026-03-04 |
| CVE-2026-25146 | OpenEMR's payments gateway_api_key secret rendered into client JS code — openemr | 9.6 | Critical | 2026-03-03 |
| CVE-2026-28559 | wpForo Forum 2.4.14 Information Disclosure via Global RSS Feed — wpForo Forum | 5.3 | Medium | 2026-02-28 |
| CVE-2026-28415 | Gradio has Open Redirect in OAuth Flow — gradio | 4.3 | Medium | 2026-02-27 |
| CVE-2025-9908 | Event-driven-ansible: sensitive internal headers disclosure in aap eda event streams — Red Hat Ansible Automation Platform 2.5 for RHEL 8 | 6.7 | Medium | 2026-02-27 |
| CVE-2025-9907 | Event-driven-ansible: event stream test mode exposes sensitive headers in aap eda — Red Hat Ansible Automation Platform 2.5 for RHEL 8 | 6.7 | Medium | 2026-02-27 |
| CVE-2026-24498 | EFM multiple products security vulnerability — ipTIME T5008 | 9.1 | - | 2026-02-27 |
| CVE-2026-28276 | Initiative Allows Unauthenticated Access to Uploaded Documents via Public /uploads/ Endpoint — initiative | 7.5 | High | 2026-02-26 |
| CVE-2026-28213 | EverShop Vulnerable to Arbitrary Customer Account Takeover via Exposure of Password Reset Token in API Response — evershop | 9.8 | Critical | 2026-02-26 |
| CVE-2026-27162 | Discourse doesn't prevent whispers to leak in excerpts — discourse | 4.3 (AI) | Medium (AI) | 2026-02-26 |
| CVE-2026-2244 | Sensitive Data Exposure in Google Cloud Vertex AI Workbench — Vertex AI Workbench | 7.5 (AI) | High (AI) | 2026-02-26 |
| CVE-2026-24487 | OpenEMR has FHIR Patient Compartment Bypass in CareTeam Resource — openemr | 7.5 (AI) | High (AI) | 2026-02-25 |
| CVE-2026-20133 | Cisco Catalyst SD-WAN Manager (Cisco SD-WAN vManage) information disclosure vulnerability — Cisco Catalyst SD-WAN Manager | 6.5 | Medium | 2026-02-25 |
| CVE-2026-27611 | FileBrowser Quantum: Password Protection Not Enforced on Shared File Links — filebrowser | 6.5 (AI) | Medium (AI) | 2026-02-25 |
| CVE-2026-25135 | OpenEMR's location resource for Group.$export operation returns entire patient/user population contact information — openemr | 4.5 | Medium | 2026-02-25 |
| CVE-2026-3131 | Devolutions Server security vulnerability — Server | 6.5 | - | 2026-02-24 |
| CVE-2026-23983 | Apache Superset: Sensitive Data Exposure via REST API (disabled by default) — Apache Superset | 6.5 | - | 2026-02-24 |
| CVE-2026-2976 | FastApiAdmin Download Endpoint controller.py download_controller information disclosure — FastApiAdmin | 4.3 | Medium | 2026-02-23 |
| CVE-2026-2975 | FastApiAdmin Custom Documentation Endpoint init_app.py reset_api_docs information disclosure — FastApiAdmin | 5.3 | Medium | 2026-02-23 |
| CVE-2026-2894 | funadmin forget.html getMember information disclosure — funadmin | 5.3 | Medium | 2026-02-21 |
| CVE-2026-27467 | BigBlueButton: Audio from participants to the server initially unmuted — bigbluebutton | 2.0 | Low | 2026-02-21 |
| CVE-2026-27452 | ASN.1 TypeScript Library: Decoding an INTEGER could leak the underlying ArrayBuffer — asn1-ts | 7.5 (AI) | High (AI) | 2026-02-21 |
| CVE-2026-2861 | Foswiki Changes/Viewfile/Oops information disclosure — Foswiki | 5.3 | Medium | 2026-02-21 |
| CVE-2026-27193 | Feathers exposes internal headers via unencrypted session cookie — feathers | 5.3 (AI) | Medium (AI) | 2026-02-21 |
| CVE-2026-27161 | Unauthenticated Information Disclosure via .htaccess Reliance in Sensitive Directories — GetSimpleCMS-CE | 5.9 (AI) | Medium (AI) | 2026-02-20 |
| CVE-2026-2832 | Certain Samsung MultiXpress Multifunction Printers Firmware – Potential Information Disclosure — Samsung MultiXpress SL-X7600LXR, SL-X7500LXR, SL-X7400LXR | 7.5 (AI) | High (AI) | 2026-02-20 |
| CVE-2026-26964 | Windmill Exposes Workspace Slack OAuth Client Secrets to Non-Admin Workspace Members — windmill | 2.7 | Low | 2026-02-19 |

Vulnerabilities classified as CWE-200 (Information Exposure) represent 2723 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.