CWE-209 (通过错误消息导致的信息暴露) — Vulnerability Class 293

293 vulnerabilities classified as CWE-209 (通过错误消息导致的信息暴露). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-1175	birkir prime GraphQL Directive graphql information exposure — prime	5.3	Medium	2026-01-19
CVE-2025-55250	HCL AION is affected by a Technical Error Disclosure vulnerability — AION	1.8	Low	2026-01-19
CVE-2025-15526	Fancy Product Designer \| WooCommerce WordPress <= 6.4.8 - Unauthenticated Full Path Disclosure via 'pdf' Parameter — Fancy Product Designer	5.3	Medium	2026-01-16
CVE-2026-22646	SICK Incoming Goods Suite 安全漏洞 — Incoming Goods Suite	4.3	Medium	2026-01-15
CVE-2026-20838	Windows Kernel Information Disclosure Vulnerability — Windows 11 version 22H3	5.5	Medium	2026-01-13
CVE-2025-62840	HBS 3 Hybrid Backup Sync — HBS 3 Hybrid Backup Sync	3.5	-	2026-01-02
CVE-2022-50686	Kentico Xperience <= 12.0 Portal Engine Form Control Information Disclosure — Xperience	7.5	High	2025-12-18
CVE-2025-9122	Hitachi Vantara Pentaho Business Analytics Server - Generation of Error Message Containing Sensitive Information — Pentaho Data Integration and Analytics	5.3	Medium	2025-12-15
CVE-2025-13978	Generation of Error Message Containing Sensitive Information in GitLab — GitLab	4.3	Medium	2025-12-11
CVE-2025-36437	IBM Planning Analytics Local is vulnerable to disclosing sensitive information — IBM Planning Analytics Local	4.3	Medium	2025-12-09
CVE-2025-66549	Nextcloud Desktop discloses information when attempting to lock a file inside a end-to-end encrypted directory — security-advisories	2.4	Low	2025-12-05
CVE-2025-13596	Improper Error Handling Leading to Sensitive Information Disclosure in CIGES ≤ 2.15.6 — CIGES	5.3^AI	Medium^AI	2025-11-24
CVE-2025-41076	Multiple vulnerabilities in Limesurvey — LimeSurvey	7.5	-	2025-11-20
CVE-2025-40760	Siemens Altair Grid Engine 安全漏洞 — Altair Grid Engine	5.5	Medium	2025-11-11
CVE-2025-61959	Vertikal Systems Hospital Manager Backend Services Generation of Error Message Containing Sensitive Information — Hospital Manager Backend Services	5.3	Medium	2025-10-29
CVE-2025-12365	Error Messages Wrapped In HTTP Header — BLU-IC2	6.5^AI	Medium^AI	2025-10-27
CVE-2025-62397	Moodle: router produces json instead of 404 error for invalid course id	5.3	Medium	2025-10-23
CVE-2025-62168	Squid vulnerable to information disclosure via authentication credential leakage in error handling — squid	10.0	Critical	2025-10-17
CVE-2025-55676	Windows USB Video Class System Driver Information Disclosure Vulnerability — Windows 11 Version 24H2	5.5	Medium	2025-10-14
CVE-2025-54291	Project existence disclosure in LXD images API — LXD	5.3^AI	Medium^AI	2025-10-02
CVE-2025-26333	Dell Crypto-J 安全漏洞 — BSAFE Crypto-J	5.9	Medium	2025-09-25
CVE-2025-53803	Windows Kernel Memory Information Disclosure Vulnerability — Windows 10 Version 1507	5.5	Medium	2025-09-09
CVE-2025-43776	Liferay Portal和Liferay DXP 安全漏洞 — Portal	5.4^AI	Medium^AI	2025-09-09
CVE-2025-59016	Information Disclosure via File Abstraction Layer — TYPO3 CMS	4.3^AI	Medium^AI	2025-09-09
CVE-2025-43777	Liferay Portal和Liferay DXP 安全漏洞 — Portal	7.5^AI	High^AI	2025-09-09
CVE-2025-36003	IBM Security Verify Governance Identity Manager information disclosure — Security Verify Governance Identity Manager	7.5	High	2025-08-28
CVE-2025-9229	Information Disclosure in MiR robots and MiR fleet through verbose error pages — MiR Robots	5.3	Medium	2025-08-20
CVE-2025-52619	HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure — BigFix SaaS Remediate	5.3	Medium	2025-08-15
CVE-2025-9005	mtons mblog register information exposure — mblog	3.7	Low	2025-08-15
CVE-2025-54791	OMERO.web displays unecessary user information when requesting to reset the password — omero-web	5.3	Medium	2025-08-13

Vulnerabilities classified as CWE-209 (通过错误消息导致的信息暴露) represent 293 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-209 (通过错误消息导致的信息暴露) — Vulnerability Class 293