CVEs classified under CWE-540, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (19)
CVE-2025-26013 — CVSS 8.2 (high): An issue in Loggrove v.1.0 allows a remote attacker to obtain sensitive information via the read.py component.
CVE-2023-39250 — CVSS 7.8 (high): Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions prior to 6.1.1 and Replay Manager…
CVE-2026-4155 — CVSS 7.5 (high): ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability. This vulnerability allows…
CVE-2025-49182 — CVSS 7.5 (high): Files in the source code contain login credentials for the admin user and the property configuration password, allowing an attacker to get…
CVE-2024-1272 — CVSS 7.5 (high): Inclusion of Sensitive Information in Source Code vulnerability in TNB Mobile Solutions Cockpit Software allows Retrieve Embedded Sensitive…
CVE-2024-38327 — CVSS 6.8 (medium): IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 is vulnerable to information exposure and further attacks due to an exposed JavaScript…
CVE-2026-35383 — CVSS 6.5 (medium): Bentley Systems iTwin Platform exposed a Cesium ion access token in the source of some web pages. An unauthenticated attacker could use…
CVE-2025-0923 — CVSS 5.3 (medium): IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4 stores source code on the web…
CVE-2024-35144 — CVSS 5.3 (medium): IBM Maximo Application Suite 8.10, 8.11, and 9.0 - Monitor Component stores source code on the web server that could aid in further attacks…
CVE-2024-2265 — CVSS 5.3 (medium): A vulnerability, which was classified as problematic, was found in keerti1924 PHP-MYSQL-User-Login-System 1.0. This affects an unknown part…
CVE-2026-22275 — CVSS 4.4 (medium): Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains an Inclusion of Sensitive Information…
CVE-2025-36299 — CVSS 4.3 (medium): IBM Planning Analytics Local 2.1.0 through 2.1.14 stores sensitive information in source code could be used in further attacks against the…
CVE-2024-27257 — CVSS 4.3 (medium): IBM OpenPages 8.3 and 9.0 potentially exposes information about client-side source code through use of JavaScript source maps to…
CVE-2024-39729 — CVSS 4.3 (medium): IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow an authenticated user to obtain sensitive information from source…
CVE-2021-1516 — CVSS 4.3 (medium): A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA)…
CVE-2024-9596 — CVSS 3.7 (low): An issue has been discovered in GitLab EE affecting all versions starting from 16.6 prior to 17.2.9, from 17.3 prior to 17.3.5, and from…
CVE-2024-2355 — CVSS 3.7 (low): A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project 1.0 and classified as problematic. Affected by this vulnerability is…
CVE-2024-8417 — CVSS 3.1 (low): A vulnerability was found in 云课网络科技有限公司 Yunke Online School System up to 1.5.5. It has been declared as problematic…
CVE-2024-55907 — CVSS 2.0 (low): IBM Cognos Analytics Mobile 1.1 for iOS application could allow an attacker to reverse engineer the codebase to gain knowledge about the…