CVEs classified under CWE-215, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2024-7569 — CVSS 9.6 (critical): An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated…
CVE-2026-2250 — CVSS 7.5 (high): The /dbviewer/ web endpoint in METIS WIC devices is exposed without authentication. A remote attacker can access and export the internal…
CVE-2025-34081 — CVSS 7.5 (high): The Contec Co.,Ltd. CONPROSYS HMI System (CHS) exposes a PHP phpinfo() debug page to unauthenticated users that may contain sensitive data…
CVE-2026-33247 — CVSS 7.4 (high): NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a…
CVE-2026-44934: A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM response text with…
CVE-2025-58598 — CVSS 6.6 (medium): Insertion of Sensitive Information Into Debugging Code vulnerability in Klarna Klarna Order Management for WooCommerce…
CVE-2022-0721 — CVSS 6.5 (medium): Insertion of Sensitive Information Into Debugging Code in GitHub repository microweber/microweber prior to 1.3.
CVE-2023-49194 — CVSS 5.3 (medium): Insertion of Sensitive Information Into Debugging Code vulnerability in importify Importify (Dropshipping WooCommerce) importify allows…
CVE-2023-21462 — CVSS 4.2 (medium): The sensitive information exposure vulnerability in Quick Share Agent prior to versions 3.5.14.18 in Android 12 and 3.5.16.20 in Android 13…
CVE-2025-0895 — CVSS 2.4 (low): IBM Cognos Analytics Mobile 1.1 for Android could allow a user with physical access to the device, to obtain sensitive information from…
CVE-2024-22194 — CVSS 2.2 (low): cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic…