Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-200 (信息暴露) — Vulnerability Class 2723

2723 vulnerabilities classified as CWE-200 (信息暴露). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-20730 BIG-IP Edge Client for Windows vulnerability — BIG-IP Edge Client 3.3 Low2026-02-04
CVE-2025-15508 Magic Import Document Extractor <= 1.0.6 - Unauthenticated Sensitive Information Exposure — Magic Import Document Extractor 5.3 Medium2026-02-04
CVE-2025-15482 Chapa Payment Gateway Plugin for WooCommerce <= 1.0.3 - Unauthenticated Sensitive Information Exposure — Chapa Payment Gateway Plugin for WooCommerce 5.3 Medium2026-02-04
CVE-2025-52631 HCL AION is affected by a Missing or Insecure HTTP Strict-Transport-Security (HSTS) Header vulnerability. — AION 3.7 Low2026-02-03
CVE-2020-37114 GUnet OpenEclass 1.7.3 E-learning platform - Information Disclosure — GUnet OpenEclass 4.3 Medium2026-02-03
CVE-2025-65017 Decidim's private data exports can lead to data leaks — decidim 6.5AIMediumAI2026-02-03
CVE-2026-1371 Tutor LMS <= 3.9.5 - Authenticated (Subscriber+) Information Disclosure in Coupon Details via 'tutor_coupon_details' AJAX Action — Tutor LMS – eLearning and online course solution 5.3 Medium2026-02-03
CVE-2025-8590 Information Disclosure in AKCE Software's SKSPro — SKSPro 7.5 High2026-02-03
CVE-2026-0950 Spectra Gutenberg Blocks <= 2.19.17 - Unauthenticated Information Disclosure in Sensitive Data — Spectra Gutenberg Blocks – Website Builder for the Block Editor 5.3 Medium2026-02-03
CVE-2025-61639 Suppressed blocked IP is visible in Special:BlockList, RC, and other places — MediaWiki 7.5AIHighAI2026-02-02
CVE-2025-6590 Complete content leak of private wikis due to PasswordReset Wikitext injection in error message — MediaWiki 7.5AIHighAI2026-02-02
CVE-2026-25222 PolarLearn Affected by User Enumeration via Argon2 Timing Attack on Sign-In Endpoint — PolarLearn 3.7AILowAI2026-02-02
CVE-2026-23743 Discourse allows permalinks to restricted resources to leak resource slugs to unauthorized users — discourse 5.4AIMediumAI2026-01-28
CVE-2026-1060 WP Adminify <= 4.0.7.7 - Unauthenticated Sensitive Information Exposure via 'get-addons-list' REST API — WP Adminify – White Label WordPress, Admin Menu Editor, Login Customizer 5.3 Medium2026-01-28
CVE-2025-54373 OpenEMR may expose Contents of Clinical Notes and Care Planto users who do not have Sensitivities=high privilege — openemr 5.4AIMediumAI2026-01-27
CVE-2026-24473 Hono has an Arbitrary Key Read in Serve static Middleware (Cloudflare Workers Adapter) — hono 7.5AIHighAI2026-01-27
CVE-2026-24870 Information disclosure in ixray-1.6-stcop — ixray-1.6-stcop 3.7 Low2026-01-27
CVE-2026-1407 Beetel 777VR1 UART information disclosure — 777VR1 2.0 Low2026-01-25
CVE-2025-6461 CubeWP – All-in-One Dynamic Content Framework <= 1.1.27 - Unauthenticated Post Disclosure in class-cubewp-search-ajax-hooks.php — CubeWP Framework 4.3 Medium2026-01-25
CVE-2025-13920 WP Directory Kit <= 1.4.9 - Unauthenticated Email Exposure via wdk_public_action — WP Directory Kit 5.3 Medium2026-01-24
CVE-2026-24422 phpMyFAQ: Public API endpoints expose emails and invisible questions — phpMyFAQ 5.3 Medium2026-01-24
CVE-2026-0789 ALGO 8180 IP Audio Alerter Web UI Inclusion of Authentication Cookie in Response Body Information Disclosure Vulnerability — 8180 IP Audio Alerter 7.5 -2026-01-23
CVE-2026-21524 Azure Data Explorer Information Disclosure Vulnerability — Azure Data Explorer 7.4 High2026-01-22
CVE-2026-20800 Notification API Leaks Private Repository Issue Titles After Collaborator Permission Revocation — Gitea Open Source Git Server 5.4AIMediumAI2026-01-22
CVE-2025-12738 Enumeration of restricted property value — Enterprise Edition 4.3AIMediumAI2026-01-22
CVE-2026-1197 MineAdmin downloadById information disclosure — MineAdmin 3.1 Low2026-01-20
CVE-2026-1196 MineAdmin getFileInfoById information disclosure — MineAdmin 3.1 Low2026-01-20
CVE-2026-1194 MineAdmin Swagger information disclosure — MineAdmin 5.3 Medium2026-01-19
CVE-2026-1170 birkir prime GraphQL API graphql information disclosure — prime 5.3 Medium2026-01-19
CVE-2025-12129 CubeWP – All-in-One Dynamic Content Framework <= 1.1.27 - Unauthenticated Information Exposure — CubeWP Framework 5.3 Medium2026-01-17

Vulnerabilities classified as CWE-200 (信息暴露) represent 2723 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.