Information Disclosure
Information disclosure occurs when an application unintentionally exposes sensitive data that aids attackers in reconnaissance or directly compromises security.
How It Works
Information disclosure occurs when an application unintentionally exposes sensitive data that aids attackers in reconnaissance or directly compromises security. This happens through multiple channels: verbose error messages that display stack traces revealing internal paths and frameworks, improperly secured debug endpoints left active in production, and misconfigured servers that expose directory listings or version control artifacts like .git folders. APIs often leak excessive data in responses—returning full user objects when only a name is needed, or revealing system internals through metadata fields.
Attackers exploit these exposures systematically. They probe for common sensitive files (.env, config.php, backup archives), trigger error conditions to extract framework details, and analyze response timing or content differences to enumerate valid usernames or resources. Even subtle variations—like "invalid password" versus "user not found"—enable account enumeration. Exposed configuration files frequently contain database credentials, API keys, or internal service URLs that unlock further attack vectors.
The attack flow typically starts with passive reconnaissance: examining HTTP headers, JavaScript bundles, and public endpoints for version information and architecture clues. Active probing follows—testing predictable paths, manipulating parameters to trigger exceptions, and comparing responses across similar requests to identify information leakage patterns.
Impact
- Credential compromise: Exposed configuration files, hardcoded secrets in source code, or API keys enable direct authentication bypass
- Attack surface mapping: Stack traces, framework versions, and internal paths help attackers craft targeted exploits for known vulnerabilities
- Data breach: Direct exposure of user data, payment information, or proprietary business logic through oversharing APIs or accessible backups
- Privilege escalation pathway: Internal URLs, service discovery information, and architecture details facilitate lateral movement and SSRF attacks
- Compliance violations: GDPR, PCI-DSS, and HIPAA penalties for exposing regulated data through preventable disclosures
Real-World Examples
A major Git repository exposure affected thousands of websites when .git folders remained accessible on production servers, allowing attackers to reconstruct entire source code histories including deleted commits containing credentials. Tools like GitDumper automated mass exploitation of this misconfiguration.
Cloud storage misconfigurations have repeatedly exposed sensitive data when companies left S3 buckets or Azure Blob containers publicly readable. One incident exposed 150 million voter records because verbose API error messages revealed the storage URL structure, and no authentication was required.
Framework debug modes left enabled in production have caused numerous breaches. Django's DEBUG=True setting exposed complete stack traces with database queries and environment variables, while Laravel's debug pages revealed encryption keys through the APP_KEY variable in environment dumps.
Mitigation
- Generic error pages: Return uniform error messages to users; log detailed exceptions server-side only
- Disable debug modes: Enforce production configurations that suppress stack traces, verbose logging, and debug endpoints through deployment automation
- Access control audits: Restrict or remove development artifacts (
.git, backup files,phpinfo()) and internal endpoints before deployment - Response minimization: API responses should return only necessary fields; implement allowlists rather than blocklists for data exposure
- Security headers: Deploy
X-Content-Type-Options, remove server version banners, and disable directory indexing - Timing consistency: Ensure authentication and validation responses take uniform time regardless of input validity
Recent CVEs (66636)
Local privilege escalation in the MBStorage DRAM lighting control module of GIGABYTE's Gigabyte Control Center (GCC) lets an authenticated low-privileged local user reach kernel-level privileges by abusing the bundled MyPortIO_x64.sys driver. The driver exposes IOCTL handlers without adequate access control, permitting arbitrary read and write of physical memory. No public exploit identified at time of analysis; the issue was reported by Taiwan's TWCERT and carries a CVSS 4.0 base score of 8.5 (High).
Path validation bypass in kicad-mcp up to 3.3.1 enables local low-privileged users to read files outside intended directory scope by manipulating the `project_path` or `schematic_path` arguments processed by `kicad_mcp/utils/path_validator.py`. The protection mechanism in this MCP (Model Context Protocol) server for KiCad PCB design software fails to adequately sanitize or normalize supplied paths, resulting in limited confidentiality impact with no integrity or availability consequences. No public patch is available as of this analysis; a proof-of-concept exploit exists publicly via GitHub issue #57, though the project maintainer has not yet responded to the disclosure.
Inclusion of functionality from an untrusted control sphere in usestrix strix (up to v1.0.2) allows remote attackers to manipulate the system_prompt.jinja template within the PyPI Handler component, achieving limited confidentiality, integrity, and availability impact. The CVSS 4.0 score of 2.3 reflects high attack complexity and required passive user interaction, placing real-world exploitation difficulty considerably higher than the network-facing attack vector alone implies. A public proof-of-concept is available on GitHub; no patch has been issued and the vendor has not responded to disclosure.
Local privilege/impact abuse in Tencent PC Manager 18.1.30242.301 stems from an uncontrolled search path (CWE-427) in the QMUDisk kernel driver library qmudisk64.sys, letting a low-privileged local user coerce loading of an attacker-controlled library to achieve high confidentiality, integrity, and availability impact. Publicly available exploit code exists (the 'qmukiller' proof-of-concept on GitHub), but exploitation is rated high-complexity/difficult and requires local access with existing low-level privileges. No public exploit has been tied to active in-the-wild attacks, and the vendor did not respond to the disclosure, so no fix is currently available.
Out-of-bounds read in the EIPStackGroup OpENer EtherNet/IP stack (version 2.3.0, commit 76b95cf) lets a remote unauthenticated attacker send a crafted ENIP frame carrying a malformed CIP ForwardOpen/LargeForwardOpen request that drives the Connection Manager parser to read past the supplied request buffer, exposing adjacent memory or crashing the stack. Per the CVSS vector (AV:N/AC:L/PR:N/UI:N) it is reachable over the network with no authentication and low complexity, yielding high confidentiality and availability impact. No CISA KEV listing and no EPSS were supplied; no active exploitation is confirmed, though a referenced public gist appears to document the flaw and may contain proof-of-concept material.
OpENer 2.3.0 (commit 76b95cf) has an out-of-bounds read issue in CIP message parsing when handling malformed explicit requests with a forged EPath size. An attacker can send a valid ENIP SendRRData frame carrying a very short CIP payload whose path_size field claims that many more path words are present than are actually available. Because the parser trusts the attacker-controlled path_size and continues decoding path segments without a remaining-length boundary, it reads beyond the end of the stack receive buffer.
Sensitive information disclosure in OpenBMB XAgent v1.0.0 and earlier allows remote unauthenticated attackers to read arbitrary files on the server by abusing a path traversal flaw in the file() endpoint of XAgentServer's workspace router. The user-controllable 'filename' parameter is concatenated into a file path without validation, so a crafted request escapes the intended workspace directory. SSVC lists exploitation as proof-of-concept and automatable=yes; publicly available exploit code exists via a referenced gist, though this is not confirmed as actively exploited in the wild.
Unauthenticated information disclosure in Capgo's /private/sso/check-domain endpoint exposes internal org_id and provider_id values to any network-reachable attacker. All Capgo deployments prior to version 12.128.2 are affected, with the vulnerable endpoint accessible without credentials. An attacker can systematically enumerate email domains against this endpoint to construct a detailed mapping of domains to organization UUIDs and SSO provider identifiers, enabling targeted reconnaissance against Capgo tenants - no public exploit identified at time of analysis.
Credential exfiltration in Crawl4AI's Docker API server (all versions before 0.8.8) lets remote unauthenticated attackers steal secrets from the host. By abusing the exposed /md, /llm, and /llm/job endpoints, an attacker supplies a malicious base_url to redirect outbound LLM API calls and sets api_token to the special form env:VARIABLE_NAME, causing the server to resolve and leak arbitrary environment variables - including provider API keys and the JWT SECRET_KEY, which in turn enables full authentication bypass. No public exploit identified at time of analysis, but the flaw is trivially exploitable and reported by VulnCheck with an assigned CVSS 4.0 score of 8.8.
Unauthenticated information disclosure in Capgo before 12.128.2 exposes confidential business metrics through the Supabase PostgREST /rest/v1/global_stats endpoint, which lacks row-level security enforcement. Any remote party holding only the public (anon) Supabase apikey - a value embedded in Capgo client apps and therefore trivially obtainable - can read MRR, total and plan-tier revenue, customer counts, and operational telemetry. Reported by VulnCheck via a GitHub security advisory; no public exploit code or active exploitation has been identified at time of analysis, though the CVSS 4.0 score of 8.7 reflects high confidentiality impact with no barriers to access.
Unauthenticated remote password modification on H3C NX15 V100R017 routers allows any network-reachable attacker to overwrite the administrator password via the change_passwd function at the /api/login/modify endpoint, effectively seizing full administrative control of the device. The vulnerability stems from a missing authentication or authorization check on the password modification API (CWE-640), meaning no credentials or session token are required to invoke it. A public proof-of-concept exploit is available on GitHub, and no vendor patch has been identified at time of analysis.
Information disclosure in the Grav Admin2 plugin (getgrav/grav-plugin-admin2) before 2.0.4 exposes a window.__GRAV_CONFIG__ JavaScript object on the /grav/admin SPA bootstrap page and its subroutes, leaking exact Grav and Admin2 version numbers, server URL, API prefix, admin base path, and runtime environment to any unauthenticated visitor. Reported by VulnCheck, the flaw lets remote unauthenticated attackers fingerprint a deployment and pre-select version-specific exploits with zero active reconnaissance. No public exploit identified at time of analysis, and it is not listed in CISA KEV.
Unauthenticated agent access in PraisonAI before 1.7.3 lets remote attackers read agent instructions and system prompts and directly invoke agents because the server ships with insecure defaults - binding to all network interfaces (0.0.0.0), enforcing no API key, and allowing wildcard CORS. Any attacker who can reach the service can call GET /api/agents to exfiltrate proprietary prompt logic or POST /api/chat to abuse the agents without credentials. There is no public exploit identified at time of analysis, but exploitation is trivial and requires no special tooling given the missing authentication.
Prototype pollution in Hono before 4.12.7 enables unauthenticated remote attackers to inject properties into JavaScript's Object.prototype by submitting crafted form field names containing '__proto__' keys when the 'dot' option is enabled in parseBody. Exploitation is conditional - it further requires that application code merges parsed body output into plain JavaScript objects using unsafe merge patterns - but when both conditions are present, attackers can silently alter inherited object behavior across the entire runtime, potentially bypassing authorization checks or leaking sensitive data. No public exploit code or CISA KEV listing exists at time of analysis; the CVSS 4.0 score of 6.3 reflects limited impact and the attack prerequisite of the non-default dot option being enabled.
Unauthenticated API key metadata disclosure in Capgo before 12.128.2 stems from the find_apikey_by_value PostgreSQL function being marked SECURITY DEFINER and granted to the anon role, allowing anyone to call it through the PostgREST endpoint /rest/v1/rpc/find_apikey_by_value. When supplied a valid key value, an attacker retrieves sensitive metadata about that key - user_id, mode, organization scoping, and expiration details - bypassing normal row-level security. Reported by VulnCheck with CVSS 4.0 8.7 (High); no public exploit identified at time of analysis and it is not listed in CISA KEV.
Information disclosure in Capgo (Cap-go) before 12.128.2 allows unauthenticated network attackers to enumerate valid app IDs by observing differential error responses from the public.transfer_app RPC endpoint, requiring only a publishable API key. The root cause is a CWE-203 observable discrepancy: the endpoint returns distinguishable error messages depending on whether a supplied app ID exists or not, functioning as an existence oracle. No active exploitation is confirmed (not in CISA KEV), but the low barrier to exploitation - network-accessible, no authentication beyond a publishable key - makes this a practical reconnaissance primitive against Capgo-hosted applications.
Context Blog WordPress theme (all versions through 1.3.5) exposes the full content of password-protected posts to unauthenticated remote attackers through the `context_blog_modal_popup` component, effectively bypassing WordPress's native content-gating mechanism. The CVSS vector (AV:N/AC:L/PR:N/UI:N) confirms trivially low exploitation complexity with no authentication or user interaction required. No public exploit code or active exploitation has been identified at time of analysis, and real-world impact is bounded entirely by what site owners store behind password-protected posts.
Plaintext payment gateway secret key exposure in the Cost Calculator Builder WordPress plugin (all versions ≤ 4.0.11) allows any unauthenticated remote visitor to harvest Stripe, Razorpay, and PayPal merchant credentials directly from page HTML source. The plugin embeds live API secret keys in the frontend template body when the 'use in all calculators' global payment gateway option is active, making those keys readable without any authentication or special tooling. While the assigned CVSS score is 5.3 (Medium), the practical impact is business-critical: extracted secret keys grant full programmatic control over the merchant's payment accounts, enabling unauthorized charges, refunds, and access to stored customer payment data. No public exploit or CISA KEV listing is identified at time of analysis.
Payment bypass in WP Hotel Booking (WordPress plugin, all versions ≤2.3.1) allows unauthenticated attackers to mark arbitrary hotel reservations as fully paid without submitting genuine payment. The PayPal IPN handler `web_hook_process_paypal_standard()` accepts an attacker-controlled `test_ipn=1` parameter that silently reroutes IPN validation to PayPal's sandbox environment, where a free sandbox account returns a legitimate 'VERIFIED' response; the handler then promotes any pending booking to completed while skipping critical post-verification checks on `receiver_email`, `mc_currency`, and `txn_id` uniqueness. No public exploit is identified at time of analysis, but the attack requires only a free PayPal sandbox account, making it nearly zero-cost for any motivated attacker.
Sensitive Information Exposure in the Mux Video Uploader WordPress plugin (all versions through 1.1.4) allows any authenticated WordPress user at subscriber level or higher to retrieve Mux API credentials via the `muxvideo_enqueue_settings_script` function. Mux API keys exposed this way could enable unauthorized access to the site's Mux account, including video management and potential billing abuse. Reported by Wordfence; no public exploit code or CISA KEV listing identified at time of analysis.
Local File Inclusion in the LA-Studio Element Kit for Elementor WordPress plugin (all versions through 1.6.1) lets authenticated contributors and above coerce the get_type_template function into including arbitrary server-side .php files, enabling access-control bypass, sensitive data disclosure, and full PHP code execution where an attacker can plant a .php file. Reported by Wordfence with a CVSS 3.1 base score of 7.5; no public exploit identified at time of analysis and it is not listed in CISA KEV. The flaw stems from wp_normalize_path being relied upon for path safety even though it only canonicalizes separators and never rejects traversal sequences.
Sensitive information exposure in the Members - Membership & User Role Editor Plugin for WordPress (all versions through 3.2.22) allows unauthenticated network attackers to exploit the REST API filter `members_filter_protected_posts_for_rest` as a boolean oracle, revealing the existence, count, and inferred keyword content of posts explicitly restricted by membership rules. The mechanism abuses per-page pagination parameters to observe response count changes, enabling iterative inference of hidden post content without ever receiving the post body directly. No public exploit code has been identified at time of analysis, and this is not listed in CISA KEV, but the zero-authentication, network-accessible attack surface means any WordPress site using this plugin with sensitive restricted content is exposed by default.
Backend resource exhaustion in Hydro-Québec's Le Circuit Electrique EV charging station backend (all versions prior to the June 2026 fix) lets remote unauthenticated attackers open multiple simultaneous OCPP sessions under a single charging station identifier, flooding the platform with rogue clients. Because the backend never enforces one active session per station ID, an attacker can spin up many spoofed OCPP clients and exhaust backend capacity, degrading or denying service to legitimate charging stations. There is no public exploit identified at time of analysis, and the issue is not listed in CISA KEV; EPSS data was not provided.
Denial-of-service exposure in the Hydro-Québec Le Circuit Électrique EV charging-station backend allows remote, unauthenticated attackers to hammer the authentication endpoint without rate limiting, degrading or exhausting the service that charging stations rely on. The flaw (CWE-307, missing throttling of repeated auth attempts) affects all backend versions prior to the June 2026 fix and carries a CVSS 4.0 base score of 8.7. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but it was reported through ICS-CERT and documented in CISA ICS advisory ICSA-26-188-01.
vulnerability in Drupal Composer allows . This issue affects Composer versions: *.*.
vulnerability in Drupal Brute force attack protection allows . This issue affects Brute force attack protection versions: *.*.
High-privilege network exploitation of the Drupal Raw Formatter [Meta Tag Formatter] contributed module leads to high confidentiality and integrity impact across all released versions. The vulnerability requires an authenticated user with elevated Drupal permissions and high attack complexity (PR:H, AC:H per CVSS), significantly narrowing the realistic attack surface despite the notable C:H/I:H impact rating. No public exploit has been identified at time of analysis, EPSS sits at 0.24% (15th percentile), and SSVC confirms exploitation status as none - consistent with a narrow, privilege-dependent flaw in a niche contrib module rather than a broadly weaponizable issue.
Brute-force credential attacks against Drupal sites running the Login Disable contrib module (versions 0.0.0 through 2.1.4) are enabled by the module's failure to restrict excessive authentication attempts (CWE-307). The module, intended to provide administrators with login-gating controls, paradoxically omits rate-limiting enforcement, allowing a low-privileged attacker to enumerate or compromise user credentials via automated requests. EPSS is low (0.21%, 12th percentile) and no active exploitation is confirmed in CISA KEV, but the network-accessible attack vector and low complexity keep this relevant for sites where the module is deployed.
Integrity bypass in Chainguard's apko (and the shared logic in melange) allows a network attacker to swap the actual installed contents of an apk package while its signature check still passes, because apko validated only the control-section hash (.PKGINFO) against the signed APKINDEX and never verified the data-section hash. Anyone able to compromise a package mirror, poison a fetch cache, or MITM the download can therefore inject arbitrary files into images built with these tools. No public exploit is identified at time of analysis, and the flaw is not listed in CISA KEV.
WAF filtering bypass in OWASP ModSecurity (libmodsecurity) before 3.0.16 lets remote unauthenticated attackers smuggle malicious payloads past inspection rules by exploiting a multipart/form-data parser differential. The engine silently strips embedded line breaks from non-file form-field values before populating ARGS and ARGS_POST, so any rule whose detection depends on a newline (e.g. command, header, or injection syntax spanning a line break) fails to match while the backend still receives and acts on the intact payload. No public exploit identified at time of analysis, but the CVSS base score of 8.6 reflects a scope-changing integrity impact on every application shielded by an affected deployment.
Nezha Monitoring versions prior to 2.2.5 expose stored third-party API credentials in plaintext through two listing API endpoints to any authenticated admin or PAT holder with read-scoped access. The GET /api/v1/ddns and GET /api/v1/notification handlers serialize full database objects - including Cloudflare API tokens, TencentCloud SecretKeys, and Slack, Discord, and Telegram webhook URLs with embedded bot tokens - without any field-level redaction, enabling a single API call to harvest all configured credentials. No public exploit has been identified at time of analysis, and a vendor-released patch is available in v2.2.5.
Malformed JSON output in Apache Log4j API versions 2.13.1-2.25.4 and 2.26.0 allows a remote attacker who can inject non-finite floating-point values (NaN, Infinity, -Infinity) into a logged MapMessage to corrupt downstream log records and disrupt log ingestion pipelines. This is an incomplete fix follow-on to CVE-2026-34481: the prior patch left code paths in MapMessage.asJson() and MapMessage.getFormattedMessage(["JSON"]) that still emit bare IEEE 754 non-finite tokens prohibited by RFC 8259. No public exploit or active exploitation (CISA KEV) has been identified; the CVSS 4.0 score of 6.3 reflects limited subsequent-system integrity impact rather than direct host compromise.
User enumeration via the reset_password endpoint in Frappe framework exposes valid account usernames to unauthenticated remote attackers across all versions prior to 15.106.0 and 16.16.0. The flaw stems from observable response discrepancies (CWE-203) that allow systematic probing of registered accounts without any credentials. No public exploit has been identified at time of analysis and no CISA KEV listing exists, but the zero-barrier network access makes this a realistic reconnaissance primitive for credential stuffing or targeted phishing campaigns against Frappe-based deployments.
Authentication-bypass via timing side-channel in Phalcon's Crypt::decrypt (cphalcon PHP framework prior to 5.14.1) allows remote attackers to forge valid HMAC tags and have tampered ciphertext accepted as authentic. Because the HMAC verification uses PHP/Zephir identity comparison that short-circuits on the first mismatching byte, an attacker who can observe response timing can recover a valid tag byte-by-byte and break the encrypt-then-MAC integrity guarantee. There is no public exploit identified at time of analysis and it is not in CISA KEV, but the flaw is confirmed and patched by the vendor in 5.14.1.
Unauthorized schema disclosure in Grist Core prior to 1.7.15 allows any user with partial read access - explicitly including anonymous public users on publicly viewable documents - to retrieve table and column metadata for any widget by querying the GET /forms endpoint. The endpoint failed both to validate that the requested section was a form widget and to apply the document's configured access rules before returning metadata, meaning hidden schema structure (table names, column names, types) is fully exposed regardless of the restrictions in place. No public exploit has been identified and the vulnerability is not in CISA KEV; a vendor-released patch exists in version 1.7.15.
Local privilege escalation and memory corruption in Imagination Technologies Graphics DDK (PowerVR GPU driver kit) lets a malicious kernel driver inside a Host VM issue improper commands to the GPU firmware, causing a memory write outside the host kernel's permitted range. The flaw is a TOCTOU race in which values are altered in memory after the firmware validates them but before it uses them, bypassing the firmware's range enforcement. No public exploit identified at time of analysis, EPSS is low (0.12%, 2nd percentile), and it is not listed in CISA KEV.
Sensitive HTTP header leakage in the excon Ruby gem's RedirectFollower middleware exposes credentials and tokens to unintended redirect destinations. Applications using the RedirectFollower middleware that include headers such as Authorization or API keys in outbound requests will inadvertently forward those headers to the redirect target - which may be attacker-controlled or a third-party service. No public exploit code has been identified and this vulnerability is not listed in CISA KEV; however, the CVSS 3.1 score of 6.5 reflects high confidentiality impact, and a vendor-released patch is available in v1.5.0.
Sensitive credential disclosure in RabbitMQ affects installations running the management plugin with OAuth 2 configured via management.oauth_client_secret, prior to versions 3.13.15, 4.0.20, 4.1.11, and 4.2.6. The obsolete GET /api/auth endpoint returns the configured OAuth 2 client secret to unauthenticated callers, allowing any remote party with network reach to the management interface to harvest the credential and potentially impersonate the broker to its identity provider. No public exploit identified at time of analysis, and it is not listed in CISA KEV, though the fix and root cause are fully documented in the vendor GitHub Security Advisory GHSA-pj24-8j6m-vq9q.
CSV formula injection in Snipe-IT prior to version 8.5.0 enables a low-privileged authenticated user to store a malicious spreadsheet formula via the HTTP User-Agent header, which is then written unescaped into exported Activity Report CSV files. When an administrator or report viewer opens the exported file in spreadsheet software such as Microsoft Excel or LibreOffice Calc, the embedded formula executes within their local application environment, potentially enabling data exfiltration or arbitrary command execution on the viewer's workstation. No public exploit code has been identified at time of analysis, and a vendor-released patch is available in version 8.5.0.
TOTP replay vulnerability in Logto prior to 1.41.0 allows an attacker who holds a victim's first-factor credentials and captures a live TOTP code to replay that code within the same RFC 6238 acceptance window, bypassing multi-factor authentication entirely. The root cause is otplib's stateless verification call with window=1, which validates the time-based OTP cryptographically but does not persist the last-accepted time-step counter - leaving used codes valid for replay until the 30-second window expires. No public exploit or CISA KEV listing exists at time of analysis, but successful exploitation yields full account compromise (C:H, I:H) because MFA is the terminal authentication barrier.
Server-side request forgery and NTLM credential exposure in the RabbitMQ management plugin (versions 4.1.0 to before 4.1.11 and 4.2.0 to before 4.2.6) on Windows lets remote actors coerce the broker into outbound DNS and SMB connections to attacker-controlled UNC paths. The static file handler rabbit_mgmt_wm_static passes URL-encoded backslashes to erl_prim_loader:read_file_info before path validation, but only when multiple management extension plugins are enabled. No public exploit has been identified at time of analysis, and the EPSS score is low (0.28%, 20th percentile) despite the CVSS 10.0 rating.
Arbitrary file read in Snipe-IT before 8.5.0 lets an authenticated user abuse the ActionlogController::displaySig endpoint, which concatenates the route's filename parameter into a private upload-directory path without sanitization, enabling relative path traversal (CWE-23) to read any file the web server process can access. The CVSS 4.0 base score is 7.1 with high confidentiality impact only; there is no public exploit identified at time of analysis and no CISA KEV listing. Because Snipe-IT stores database credentials and application secrets in web-readable files, the practical impact can extend beyond simple information disclosure toward full application compromise.
Arbitrary file overwrite in Coturn prior to 4.13.0 is possible through the CLI management interface's `psd` (print sessions dump) command, which passes a user-supplied filename directly to `fopen()` without any path validation (CWE-73). An authenticated admin with CLI access can overwrite any file writable by the coturn process, potentially corrupting sensitive system files, certificates, or configuration data to achieve privilege escalation or service disruption. No public exploit identified at time of analysis; exploitation is constrained to local, high-privilege access, limiting realistic threat surface despite the High integrity and availability impact ratings.
Insufficient JWT expiration enforcement in ZITADEL's external JWT Identity Provider integration allows tokens lacking the `exp` claim to be treated as indefinitely valid, bypassing intended session lifetime controls. Versions 3.0.0-rc.1 through 3.4.11 and 4.0.0-rc.1 through 4.15.1 are affected, with the flaw residing in `internal/idp/providers/jwt/session.go`. An attacker who can obtain or craft a JWT from a configured trusted external issuer that omits the `exp` claim can maintain persistent authenticated access without re-authentication. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV.
Insufficient session expiration in ZITADEL's external JWT Identity Provider allows arbitrarily old tokens from trusted issuers to pass authentication when the token omits the iat (issued-at) claim. ZITADEL versions prior to 3.4.12 (v3 branch) and 4.15.2 (v4 branch) are affected. An attacker holding a previously issued JWT from a trusted external IdP - specifically one lacking the iat claim - can reuse that token indefinitely, bypassing intended session expiry controls and maintaining unauthorized access. No public exploit identified at time of analysis.
Configuration information disclosure in Deloitte AI Assist for Customer exposed internal system details through unauthenticated, publicly accessible API endpoints, reducing attacker reconnaissance effort. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N/VC:L) confirms remote, low-complexity, unauthenticated access, though impact is bounded to low confidentiality exposure with no integrity or availability consequence. Deloitte confirmed the fix on 2026-03-25 by restricting network access and enforcing authentication on the affected endpoints; no public exploit or CISA KEV listing has been identified at time of analysis.
TLS certificate validation bypass in cpp-httplib's Mbed TLS backend (0.31.0-0.46.1) and wolfSSL backend (0.33.0-0.46.1) lets a man-in-the-middle attacker defeat HTTPS/WSS protection when a client connects to an IP-literal host with verification nominally enabled. SSLClient/Client in HTTPS mode skip certificate chain validation and the WebSocketClient on Mbed TLS skips verification entirely, so an intercepting attacker can present a crafted certificate and read or alter traffic. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; the flaw is fixed in 0.47.0.
HTTP redirect handling in Apprise prior to 1.11.0 leaks user-configured secrets - including Authorization headers, bearer tokens, custom headers, and service API keys - by blindly resending them on redirected requests to attacker-controlled endpoints. Any deployment using Apprise's HTTP-based notification plugins or its HTTP attachment and config loaders (apprise/attachment/http.py, apprise/config/http.py) is affected. An on-path attacker or a compromised notification destination can silently harvest these credentials. No public exploit has been identified at time of analysis, and EPSS data is not present in the source intel, but the credential-theft impact on third-party service integrations elevates real-world risk above the Low CVSS score suggests.
Panic-triggering denial of service in the Excelize Go library (all versions prior to 2.11.0) allows any actor who can supply a crafted XLSX file to crash the consuming application. The root cause is an integer bounds check that validates only the upper bound of shared-string indices, permitting a cell value of -1 to reach a slice-index operation as a negative integer and cause a Go runtime panic in `GetCellValue` or `GetRows`. No active exploitation has been identified at time of analysis, but the attack is trivially constructable and requires no privileges if the target application exposes XLSX processing to untrusted input.
Server-side request forgery via DNS rebinding in 9Router (decolua/9router) before 0.5.2 allows an authenticated LLM-proxy user to reach internal-only HTTP services. The image-URL validation resolves the host once to a public IP, but open-sse/translator/concerns/image.js performs the actual server-side fetch with a separate DNS lookup, so an attacker-controlled name can rebind to an internal address between the two resolutions. No public exploit identified at time of analysis; the flaw is fixed in 0.5.2.
Server-side request forgery in the file_type content detector of guardrails-detectors (a component shipped with Red Hat OpenShift AI/RHOAI) allows a remote attacker to submit an arbitrary XML Schema Definition (XSD) that the parser resolves without restriction, coercing the server into fetching attacker-chosen URLs or reading local files. Because the CVSS vector is AV:N/PR:N/UI:N with a changed scope and high confidentiality impact (base score 9.3), an unauthenticated attacker can pivot into internal networks and harvest secrets such as cloud provider credentials. There is no public exploit identified at time of analysis, and the flaw is not listed in CISA KEV.
File carve operations in osquery prior to 5.23.1 expose sensitive data due to world-readable temporary directory permissions, allowing a local unprivileged attacker to read carve contents during the collection window. If the carve targets a directory the attacker controls, the impact extends to arbitrary local file reads. No public exploit identified at time of analysis; the vendor-confirmed fix ships in osquery 5.23.1.
Arbitrary file access in JetBrains TeamCity before 2026.1.2 lets an authenticated user abuse the Perforce (P4) VCS integration to read files outside intended boundaries on the TeamCity server host. The flaw (CWE-73, external control of file name or path) was self-reported by JetBrains and is fixed in 2026.1.2; no public exploit identified at time of analysis, and it is not listed in CISA KEV. With PR:L in the CVSS vector, exploitation requires a low-privilege account that can define or influence a Perforce VCS root, making it a realistic post-authentication threat on shared CI servers.
{categoryId}/{faqId}, and title-plus-preview content via the v3.1 and v4.0 tag-based endpoints - all without credentials. No public exploit has been identified and this vulnerability is not in CISA KEV, though the AV:N/PR:N vector makes exploitation trivially simple for anyone who can reach the API.
Preview namespace collision in Capgo before 12.128.2 enables authenticated low-privileged tenants to hijack or deny preview routing for other tenants' applications by deliberately registering app IDs containing double underscores that decode identically to a victim's dot-separated app ID. The non-bijective hostname parsing - where `__` maps to `.` but `.` is also a valid app ID character - breaks namespace uniqueness across tenants, allowing cross-tenant preview misrouting. No public exploit has been identified at time of analysis, and no CISA KEV listing exists; real-world impact is confined to preview functionality, not production app delivery.
Information disclosure in Capgo before 12.128.2 lets unauthenticated remote attackers call the get_orgs_v7(userid) RPC endpoint with arbitrary user UUIDs to read foreign users' organization memberships, roles, management emails, and billing metadata. The endpoint remained publicly invokable despite intended private access controls, so any internet-facing Capgo deployment on an affected version exposes tenant data cross-account. No public exploit has been identified at time of analysis, though the trivial invocation pattern (supply a UUID) makes weaponization straightforward.
Update-signing bypass in @capgo/capacitor-updater (capgo OTA plugin for Capacitor apps) before 12.128.2 undermines its end-to-end encryption by shipping the same private key to every device that downloads the app. Because the public verification key can be derived from that distributed private key, an attacker with a man-in-the-middle position or control of the Capgo delivery server can forge a validly signed update bundle and push attacker-controlled code to devices. Reported by VulnCheck with a CVSS 4.0 base score of 8.3; no public exploit identified at time of analysis and it is not listed in CISA KEV.
Authorization-model destruction in FlaskBB forum software (versions up to and including 2.2.0) lets an authenticated administrator wipe all six built-in permission groups through the management bulk-delete AJAX endpoint. Because the endpoint compares JSON integer group IDs against string literals, the guard meant to protect built-in groups never matches and silently allows their removal, collapsing the forum's entire permission model and potentially bricking the site. No public exploit identified at time of analysis; the flaw was reported by VulnCheck and is fixed in commit a5da9a5.
SQL injection in Dell PowerFlex Manager prior to version 5.1.0.1 allows a remote, low-privileged authenticated attacker to inject crafted SQL commands through the management interface, resulting in information disclosure and unauthorized access to data beyond the attacker's authorized scope. Rated CVSS 8.5 with a scope-changed vector, the flaw is reported by Dell (DSA-2026-066) and carries confidentiality impact; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.
SQL injection in Dell PowerFlex Manager before 5.1.0.1 lets a low-privileged, remotely authenticated user inject crafted SQL into a backend query, resulting in unauthorized reading of database contents (information exposure). The flaw is fixed in 5.1.0.1 per Dell advisory DSA-2026-066, and there is no public exploit identified at time of analysis. Because exploitation requires a valid low-privilege account, the practical risk is highest in multi-tenant or broadly-provisioned management deployments rather than internet-facing unauthenticated exposure.
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: preserve shared-frag marker in iptfs_consume_frags() iptfs_consume_frags() transfers paged fragments from one socket buffer to another but fails to propagate the SKBFL_SHARED_FRAG flag. This is the same class of bug that was fixed in skb_try_coalesce() for CVE-2026-46300: when fragments backed by read-only page-cache pages are merged, the marker indicating their shared nature must be preserved so that ESP can decide correctly whether in-place encryption is safe. Apply the same two-line fix used in skb_try_coalesce() to iptfs_consume_frags().
Out-of-bounds read in mtr's ipinfo_lookup() function allows a DNS-layer attacker to reliably crash the tool by serving a crafted TXT response during AS-number lookups. mtr through version 0.96 is affected; the root cause is that dn_expand() receives the total response length as its boundary argument rather than the safe, validated packet end - so a >512-byte response carrying a malicious compression pointer in the answer NAME field directs the read past the buffer. No public exploit code and no CISA KEV listing exist at time of analysis, though the crash is described as deterministic once the attacker controls the DNS response.
Credential disclosure in R-SOFT DMS lets an attacker who obtains the stored superadmin password hash recover the plaintext password, because credentials are protected with a non-salted, nested MD5 hash that is trivially reversible via brute-force and precomputed rainbow tables. The superadmin account is high-value and cannot be rotated through the UI - the password can only be changed by editing the configuration file - so recovered credentials remain valid indefinitely. There is no public exploit identified at time of analysis, and the flaw is not listed in CISA KEV.
Sensitive information exposure in the Import and Export Users and Customers WordPress plugin (all versions ≤ 2.4.0) allows any authenticated subscriber-level user to enumerate and extract the post_title and raw post_content of arbitrary posts regardless of visibility status or post type. Affected content includes drafts, private posts, password-protected entries, future-scheduled posts, trashed items, and non-public custom post types such as WooCommerce orders and internal CRM records. The exploit barrier is exceptionally low: the required security nonce is leaked as inline JavaScript on any wp-admin page reachable by subscribers. No public exploit code has been identified and this vulnerability does not appear in the CISA KEV catalog at time of analysis.
Local File Inclusion in the Happyforms WordPress plugin (all versions through 1.26.12) allows authenticated administrators to include and execute arbitrary PHP files on the server via the happyforms_get_form_partial() function, enabling full remote code execution when the attacker can also upload PHP files. The vulnerability is rooted in unsanitized filename handling (CWE-98) within the form template rendering logic, as evidenced by the affected files class-wp-customize-form-manager.php and helper-form-templates.php. No public exploit code or CISA KEV listing has been identified at time of analysis, and the Administrator-level access prerequisite substantially limits the realistic attacker population.
Denial of service in the Apache IoTDB C++ client (versions 1.3.5 before 1.3.8 and 2.0.5 before 2.0.10) allows a malicious or compromised IoTDB server to crash any connected client by returning malformed TsBlock response data. The client's TsBlock deserializer performs out-of-bounds reads (CWE-125) on attacker-controlled server payloads, terminating the client process. There is no public exploit identified at time of analysis, EPSS probability is low (0.14%), and impact is limited to availability of the client - no confidentiality or integrity effect is claimed.
Unsafe reflection in Apache IoTDB's pipe processor lets a user-supplied fully qualified Java class name be loaded and instantiated via Class.forName().newInstance() with no allowlisting, enabling arbitrary class loading and likely remote code execution in the database server process. It affects all releases from 1.0.0 up to (but not including) 2.0.10 and is fixed in 2.0.10. No public exploit identified at time of analysis, and EPSS is low (0.25%, 17th percentile), though CISA SSVC rates the technical impact as total and considers exploitation automatable.
The EscortWP escortwp WordPress theme through 3.6.2 was distributed with a vendor-authored, obfuscated backdoor that lets an unauthenticated attacker who supplies a hard-coded, per-build key permanently delete all of the site's content, and that covertly transmits the site URL, administrator email address, and license key to a third-party server.
Unauthenticated account registration bypass in the LA-Studio Element Kit for Elementor WordPress plugin (all versions before 1.6.1) allows remote, unauthenticated attackers to create WordPress user accounts on sites where site-wide registration has been explicitly disabled by the administrator. The vulnerable component is an unauthenticated AJAX action handler that omits the standard WordPress registration-status check, effectively nullifying an administrative security control. A publicly available proof-of-concept exists via WPScan, and a vendor patch is available in version 1.6.1; no confirmed active exploitation (CISA KEV) has been recorded at time of analysis.
Improper authorization in Samsung Health prior to version 7.00.0.107 exposes connected device information to local, low-privileged attackers on the same Android device. The flaw likely involves an improperly protected Android IPC mechanism - such as a content provider or broadcast receiver - that fails to enforce access controls over paired wearable or peripheral device data. No public exploit code exists and this vulnerability has not been added to the CISA KEV catalog; combined with the local-only attack vector and limited data sensitivity, real-world risk is low.
Local privilege escalation to arbitrary command execution in Samsung Bixby (versions prior to 4.0.70.8) allows a malicious co-located Android app to invoke improperly exported application components and run commands with Bixby's elevated privilege level. Reported by Samsung Mobile Security and rated CVSS 4.0 base 8.5; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Exploitation requires attacker-controlled code already present on the device (e.g., a rogue installed app), not remote network access.
Improper export of Android application components in Samsung's InputSharing app (prior to version 2.7.01.4) exposes internal sharing data to any co-resident application on the same device. The flaw allows a local attacker - via a malicious app installed on the same Samsung device - to silently access data transiting the InputSharing component without requiring any special Android permissions. No active exploitation has been confirmed (no CISA KEV listing), and a vendor-released patch at version 2.7.01.4 is available per the Samsung Mobile Security advisory.
Improper input validation in Samsung Email prior to version 6.2.13.1 enables local attackers to create arbitrary files within the application's Android sandbox, affecting integrity and availability of the email client. The attack is confined to the Samsung Email sandbox by Android's isolation model and cannot directly escalate to system-level or cross-application impact. No public exploit has been identified and the vulnerability is not listed in CISA KEV; Samsung has released a confirmed fix in version 6.2.13.1.
Incorrect default permissions in Samsung Mobile's WLAN security component expose TencentWifiSecurity settings to any local attacker on Android 14, 15, and 16 devices prior to SMR Jul-2026 Release 1. An unprivileged local user or application can read or modify TencentWifiSecurity configuration, resulting in limited information disclosure and integrity compromise of WiFi security settings. No public exploit code exists and this vulnerability is not listed in CISA KEV; however, the zero-privilege-required local access condition broadens practical exposure on shared, enterprise-managed, or already-compromised devices.
Improper access control in Samsung's SmartThingsKit component on Android 16 devices allows local attackers without elevated privileges to read sensitive information. The flaw, patched in SMR Jul-2026 Release 1, is limited to local exploitation and carries no integrity or availability impact. No public exploit has been identified at time of analysis, and Samsung has not reported active exploitation.
Improper access control in SamsungSEAgentService on Samsung Android 15 and 16 devices allows a local attacker to read sensitive information without requiring elevated privileges. The CVSS 4.0 vector (AV:L/PR:N/VC:H) confirms that any local process on the device can trigger the flaw with high confidentiality impact and no integrity or availability loss. No public exploit or CISA KEV listing exists at time of analysis; risk is bounded to the local attack surface of affected Samsung hardware.
Improper access control in IAFDService on Samsung mobile devices (Android 14, 15, and 16) allows local attackers holding low-level privileges to invoke privileged system APIs that should be restricted to higher-trust callers. The flaw carries a CVSS 4.0 score of 6.9, reflecting high integrity and availability impact on the vulnerable system. No public exploit code or active exploitation confirmed in CISA KEV has been identified at time of analysis; Samsung has released the fix in SMR Jul-2026 Release 1.
Improper access control in the Samsung Settings application on Android 15 and 16 allows a local attacker to modify Theft Protection configurations without requiring device credentials or elevated privileges. The vulnerability stems from missing or bypassable authorization checks in the Settings component, enabling an attacker with local access - such as someone in possession of a stolen device - to reconfigure the very security controls designed to prevent unauthorized use. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis, but the local-no-privilege vector makes this particularly relevant to physical device theft scenarios.
{id} REST endpoints, which ship with no authentication or authorization checks. Any anonymous visitor can harvest customer PII - names, emails, phone numbers, WhatsApp message contents, full geolocation (IP, city, country, ISP, coordinates), device fingerprints, and even WordPress account details (user IDs, usernames, emails) for logged-in users who submitted the form. There is no public exploit identified at time of analysis and it is not on CISA KEV, but exploitation is trivial and requires only an HTTP client.
Payment amount tampering in the SureForms WordPress plugin (versions ≤ 2.2.1) lets unauthenticated attackers submit arbitrary prices when completing Stripe checkout. Because the 'create_payment_intent' and 'create_subscription_intent' handlers trust the amount supplied in user-controlled POST data instead of the form's server-side configured price, an attacker can purchase products or subscriptions for a fraction of their real cost. Reported by Wordfence and fixed in 2.2.2; no public exploit identified at time of analysis and it is not listed in CISA KEV.
Information disclosure in zhayujie CowAgent up to version 2.1.0 exposes sensitive data to low-privileged authenticated remote attackers through the BrowserTool._do_navigate function in the Browser Tool component. Publicly available proof-of-concept exploit code exists via a GitHub issue report, though no patch has been released as the project maintainer has not yet responded to responsible disclosure. The CVSS 4.0 score of 2.1 and impact limited to low confidentiality exposure place this at the lower end of priority, tempered by the authentication requirement and niche product footprint.
Boundary validation failure in GoBGP's BGP OPEN capability parser allows a remote peer to send a malformed OPEN message that causes concrete capability decoders to read beyond the declared CapLen field, enabling attacker-controlled bytes to be interpreted as capability values - most critically, as a 4-octet AS number that influences peer AS validation and BGP session establishment decisions. Affected is GoBGP v4 (pkg:go/github.com_osrg_gobgp_v4), with the 4-octet AS capability (code 65) identified as the highest-impact case. A parser-level proof-of-concept is publicly described in GitHub Security Advisory GHSA-gjrg-jjr3-56cm; no active exploitation has been confirmed and this CVE does not appear in the CISA KEV catalog. IMPORTANT METADATA CONFLICT: The provided intelligence tags label this as 'RCE, Buffer Overflow, Information Disclosure' - all three directly contradict the CVE description, which explicitly states the issue is not arbitrary memory corruption, remote code execution, or information disclosure; security teams must disregard those tags.
Threshold counting logic in sigstore-go's multi-log verification policy is bypassable by a single compromised transparency or CT log. When a verifier is configured with WithTransparencyLog(N>1) or WithSignedCertificateTimestamps(N>1), the intended defense-in-depth - requiring N distinct log authorities to independently vouch for an artifact - fails because counts accumulate per-entry or per-validation-path rather than per-log-authority. An attacker controlling one compromised Rekor transparency log or CT log can forge multiple entries with distinct indices, or present multiple embedded SCTs across certificate chains, artificially satisfying an N-count threshold with a single compromised source. No public exploit has been identified at time of analysis, and EPSS data is not available in the provided intelligence.
Credential file exfiltration in SiYuan prior to 3.7.1 is possible through the POST /api/file/globalCopyFiles endpoint, which accepts arbitrary absolute source paths and relies on an incomplete denylist in util.IsSensitivePath to block sensitive files. The denylist omits common credential files including .git-credentials, .netrc, .pgpass, .kube/config, .docker/config.json, and .gnupg, enabling an authenticated administrator or API-token holder to copy these files into the workspace and read them via the file API. No public exploit code or CISA KEV listing exists at time of analysis, but the Docker tag suggests this is relevant in containerized deployments where host-mounted credential files may be accessible.
Discourse's post revision system exposes hidden edit history to unauthenticated network users through a serialization flaw in PostRevisionSerializer. When computing diffs between adjacent visible revisions, the serializer failed to enforce visibility restrictions, leaking content from revisions that moderators or administrators had marked as hidden. No active exploitation has been identified at time of analysis, but the unauthenticated, low-complexity attack vector means any visitor to a vulnerable Discourse instance can potentially access suppressed post content - including moderator-redacted material - without any credentials or special access.
Discourse's AWS SES bounce webhook endpoint (POST /webhooks/aws) validates Amazon SNS message signatures but omits TopicArn binding, allowing any AWS account holder to publish legitimately signed forged Bounce notifications that revoke a targeted Discourse user's email address. Versions prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5 across all active release branches are affected when the SES integration is enabled. No public exploit code exists and the vulnerability is not listed in CISA KEV, but the low attack complexity and absence of Discourse-side authentication requirements make targeted abuse realistic for any motivated actor with an AWS account.
Restricted tag and tag-group name disclosure in Discourse exposes internal taxonomy metadata to anonymous and unauthorized users via the category and group API endpoints. All Discourse versions prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5 are affected when restricted tags or tag groups are configured on publicly readable categories. An unauthenticated actor can enumerate these names - which may contain sensitive organizational labels, project codenames, or internal classifications - using standard HTTP requests with no exploit tooling required. No public exploit code exists and this is not listed in CISA KEV; the CVSS 4.0 AT:P modifier confirms that exploitation requires a specific non-default configuration to be present.
Secure upload bypass in Discourse exposes protected files through the pull_hotlinked_images feature, which fails to enforce the secure_uploads access control when processing posts containing a known secure URL. Affected instances are those running versions prior to 2026.6.0, 2026.5.1, 2026.4.2, or 2026.1.5 with the secure_uploads site setting enabled. No public exploit has been identified at time of analysis and this vulnerability is not listed in CISA KEV; however, the fix commits are publicly visible on GitHub, potentially aiding reverse-engineering of the flaw.
EventSerializer in Discourse improperly exposes private event invitation metadata - including invited group names, sample invitee usernames, and attendance statistics - to any user who can view the topic, regardless of their authorization to access the private invitee list. All Discourse installations prior to versions 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5 are affected when event functionality is in use. No public exploit or active exploitation (CISA KEV) has been identified, but the trivial network vector (AV:N/AC:L/PR:N/UI:N) makes this passively accessible to any user - authenticated or not - with topic-read access on an open or semi-open forum.
Command execution via URI injection in GitHub CLI's `gh codespace jupyter` subcommand (versions 2.10.0-2.95.0) allows an attacker who controls a Codespace to redirect a connecting developer's VS Code instance into executing arbitrary protocol handler actions. The CLI passes a JupyterLab URL sourced from a process inside the Codespace directly to the OS without validating that the URL is a loopback HTTP or HTTPS address, enabling substitution with a crafted `vscode://` or `vscode-insiders://` URI. No public exploit has been identified at time of analysis and this CVE is not listed in CISA's Known Exploited Vulnerabilities catalog, but the scope-change characteristic (S:C) means local VS Code extension execution is a realistic downstream impact.