Information Disclosure

SAP MDM Server allows an attacker to gain control of existing client sessions and execute certain functions without having to re-authenticate giving the ability to access or modify non-sensitive information or consume sufficient resources which could degrade the performance of the server causing low impact on confidentiality, integrity and availibility of the application.

Privilege escalation vulnerability in SAP GRC that allows authenticated non-administrative users to access and initiate transactions capable of modifying system credentials. This critical flaw compromises confidentiality, integrity, and availability across the application, with a CVSS score of 8.8 indicating high severity. The vulnerability requires valid credentials to exploit but has no privilege requirements beyond basic user access, making it a significant risk in environments with broad GRC user bases.

SAP NetWeaver Visual Composer contains a directory traversal vulnerability (CWE-22) that allows high-privileged users to bypass path validation controls and read or modify arbitrary files on the system. The vulnerability affects SAP NetWeaver Visual Composer across supported versions and has a CVSS score of 7.6 due to high confidentiality impact and network-accessible attack vector, though exploitation requires high privileges (PR:H). Exploitation likelihood and KEV/POC status cannot be confirmed from available data, but the high-privilege prerequisite significantly reduces real-world exploitability compared to the base CVSS score suggests.

Stored Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects BI Workspace that allows unauthenticated attackers to inject and persist malicious JavaScript code within workspaces. When authenticated users access compromised workspaces, the malicious script executes in their browser context, potentially exposing sensitive session tokens, cookies, and user data. The vulnerability has a CVSS score of 8.2 (High) with significant confidentiality impact; while KEV/EPSS data and active exploitation status are not provided in available intelligence, the attack requires user interaction and authentication context, moderating real-world severity despite the high CVSS rating.

CVE-2025-0037 is a security vulnerability (CVSS 6.6) that allows access. Remediation should follow standard vulnerability management procedures.

CVE-2025-0036 is a security vulnerability (CVSS 3.2). Remediation should follow standard vulnerability management procedures.

Critical arbitrary file upload vulnerability in CyberData 011209 Intercom systems that allows authenticated attackers to upload malicious files to multiple locations within the system without user interaction. With a CVSS 9.8 score and network-accessible attack surface requiring only valid authentication credentials, this vulnerability poses severe risk to organizations deploying these intercom systems. The vulnerability enables complete system compromise through arbitrary file placement, potentially allowing remote code execution, system manipulation, and data theft.

CyberData 011209 Intercom devices fail to properly store or protect web server administrator credentials, allowing unauthenticated remote attackers to obtain plaintext or weakly protected credentials with high confidence. This vulnerability (CVSS 7.5) affects web-based administrative interfaces and could lead to complete compromise of device configuration and control. No public exploit code or active KEV listing is confirmed at this time, but the vulnerability requires immediate attention due to the critical nature of credential exposure in networked intercom systems.

CVE-2025-26468 is an unauthenticated denial-of-service vulnerability in CyberData 011209 Intercom systems that allows remote attackers to disrupt system availability without requiring authentication or user interaction. The vulnerability has a CVSS score of 7.5 (High) with a network attack vector, indicating significant real-world risk from remote exploitation. While active exploitation status and POC availability cannot be confirmed from the provided data, the lack of authentication requirements (PR:N, UI:N) makes this a critical priority for affected organizations.

A security vulnerability in A vulnerability classified as critical (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

CyberData 011209 Intercom devices contain an authentication bypass vulnerability in the web interface accessible via an alternate path, allowing unauthenticated attackers complete unauthorized access (confidentiality, integrity, availability compromise). This CVSS 9.8 critical vulnerability affects CyberData intercom systems and poses immediate risk to organizations relying on these devices for communication and physical security integration. No specific KEV or active exploitation data provided, but the unauthenticated network-accessible nature with no mitigation requirements makes this highly likely to be targeted.

A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.

Sensitive data exposure vulnerability in Lablup's BackendAI that allows authenticated attackers with high privileges to retrieve user credentials from active sessions on the management platform. The vulnerability affects the session management mechanism and has a CVSS score of 8.0 with a complex attack vector requiring high privilege access, indicating a serious but not trivially exploitable issue in production environments.

A security vulnerability in the session. This vulnerability exists in all current (CVSS 8.1) that allows attackers. High severity vulnerability requiring prompt remediation.

A security vulnerability in Requests (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

A security vulnerability in version 4.0.0 and (CVSS 9.0) that allows capturing of env variables. Risk factors: EPSS 41% exploitation probability, public PoC available. Vendor patch is available.

react-native-keys version 0.7.11 contains a sensitive information disclosure vulnerability where encryption ciphers and Base64-encoded secrets are stored as plaintext in compiled native binaries, allowing attackers with network access to extract these credentials via static analysis of the binary. This affects all applications using the vulnerable library version, and the high CVSS score of 7.5 reflects the ease of exploitation (no authentication required) and significant confidentiality impact, though the practical risk depends on whether secrets are actually embedded at build time and the sensitivity of exposed data.

CVE-2025-48261 is an information disclosure vulnerability in MultiVendorX that allows unauthenticated remote attackers to retrieve sensitive data embedded within sent data through a network-accessible interface. The vulnerability affects MultiVendorX versions up to and including 4.2.22, with a CVSS score of 7.5 indicating high confidentiality impact. While no active KEV or public POC details were provided in the available intelligence, the network-accessible attack vector (AV:N) and lack of privilege requirements (PR:N) make this a material risk for exposed instances.

PHP Local File Inclusion (LFI) vulnerability in BZOTheme Fitrush versions up to 1.3.4 that allows unauthenticated remote attackers to include and execute arbitrary local files on the server. The vulnerability stems from improper control of filenames in PHP include/require statements (CWE-98), enabling attackers to read sensitive files or achieve remote code execution depending on server configuration. While the CVSS score is 8.1 (high severity), the CVSS vector indicates high attack complexity (AC:H), suggesting exploitation may require specific environmental conditions or knowledge of the target system's file structure.

A remote code execution vulnerability in snstheme BodyCenter - Gym (CVSS 8.1). High severity vulnerability requiring prompt remediation.

Laravel Translation Manager is a package to manage Laravel translation files. Prior to version 0.6.8, the application is vulnerable to Cross-Site Scripting (XSS) attacks due to incorrect input validation and sanitization of user-input data. An attacker can inject arbitrary HTML code, including JavaScript scripts, into the page processed by the user's browser, allowing them to steal sensitive data, hijack user sessions, or conduct other malicious activities. Only authenticated users with access to the translation manager are impacted. The issue is fixed in version 0.6.8.

Denial-of-service vulnerability in Discourse that allows unauthenticated remote attackers to reduce the availability of a Discourse instance by sending malicious URLs in private messages to bot users. The vulnerability affects Discourse versions prior to 3.4.4 (stable), 3.5.0.beta5 (beta), and 3.5.0.beta6-dev (tests-passed), with a CVSS 7.5 rating indicating high severity. No known public exploits or workarounds are currently available, but patches have been released.

CVE-2025-36528 is an authenticated SQL injection vulnerability in Zohocorp ManageEngine ADAudit Plus versions 8510 and earlier, affecting the Service Account Auditing reports functionality. An authenticated attacker with low privileges can exploit this vulnerability to execute arbitrary SQL queries, potentially leading to unauthorized data disclosure, data modification, or partial denial of service. With a CVSS score of 8.3 and network-accessible attack vector, this represents a significant risk to organizations using affected versions, particularly in environments where administrative audit logs contain sensitive credentials and access patterns.

A SQL injection vulnerability (CVSS 8.3). High severity vulnerability requiring prompt remediation.

Critical Missing Authorization (CWE-862) vulnerability in Honding Technology's Smart Parking Management System that allows authenticated users with regular privileges to bypass authorization controls and create administrator accounts without proper authorization checks. Attackers can leverage this flaw to escalate privileges, create backdoor admin accounts, and gain full system control (confidentiality, integrity, and availability impact). The CVSS 8.8 score reflects the high severity, though real-world exploitability depends on whether this vulnerability is actively exploited in the wild and whether public proof-of-concept code exists.

Critical array index validation vulnerability in RT-Thread 5.1.0's signal mask syscall handler that allows authenticated local attackers to read and modify kernel memory with high impact. The vulnerability exists in the sys_thread_sigprocmask function where improper validation of the 'how' parameter enables out-of-bounds array access, potentially leading to privilege escalation or denial of service. This is an actively exploitable vulnerability requiring local access and low privileges with no user interaction needed.

Critical authentication bypass vulnerability in Honding Technology's Smart Parking Management System that allows unauthenticated remote attackers to directly access an administrative credentials page and retrieve plaintext administrator passwords without authentication. With a CVSS score of 9.8 and network-accessible attack vector, this vulnerability poses an immediate and severe risk to all deployed instances, potentially enabling complete system compromise and unauthorized access to parking infrastructure management.

A vulnerability was found in Tenda TDSEE App up to 1.7.12. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /app/ConfirmSmsCode of the component Password Reset Confirmation Code Handler. The manipulation leads to improper restriction of excessive authentication attempts. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.7.15 is able to address this issue. It is recommended to upgrade the affected component.

CVE-2025-47711 is a security vulnerability (CVSS 6.5). Remediation should follow standard vulnerability management procedures.

The AuthPolicy metadata on Red Hat Connectivity Link contains an object which stores secretes, however it assumes those secretes are already in the kuadrant-system instead of copying it to the referred namespace. This creates space for a malicious actor with a developer persona access to leak those secrets over HTTP connection, as long the attacker knows the name of the targeted secrets and those secrets are limited to one line only.

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input.

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input.

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through race condition.

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through out-of-bounds read.

CVE-2025-38003 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.

moPS App through version 1.8.618 contains a critical authentication bypass vulnerability (CVE-2024-55585, CVSS 9.0) that allows all authenticated users to access administrative API endpoints without proper authorization checks, enabling unrestricted read and write operations including password resets. This vulnerability is particularly severe as it requires only low privileges (PR:L) to exploit via network access, and the /api/v1/users/resetpassword endpoint demonstrates direct administrative function access. No KEV or active exploitation data is referenced, but the high CVSS score and authentication bypass nature suggest significant real-world risk if exploited.

Denial of Service vulnerability in libcurl's WebSocket implementation that allows a malicious server to send a specially crafted packet triggering an endless busy-loop, forcing applications to kill the affected thread or process to recover. This affects all libcurl versions with WebSocket support, with CVSS 7.5 (High) severity due to network-accessible attack vector requiring no authentication. The vulnerability has high real-world impact for any application using libcurl for WebSocket connections, though exploitation requires active malicious server control.

Jackson-core contains core low-level incremental ("streaming") parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior to version 2.13.0, a flaw in jackson-core's `JsonLocation._appendSourceDesc` method allows up to 500 bytes of unintended memory content to be included in exception messages. When parsing JSON from a byte array with an offset and length, the exception message incorrectly reads from the beginning of the array instead of the logical payload start. This results in possible information disclosure in systems using pooled or reused buffers, like Netty or Vert.x. This issue was silently fixed in jackson-core version 2.13.0, released on September 30, 2021, via PR #652. All users should upgrade to version 2.13.0 or later. If upgrading is not immediately possible, applications can mitigate the issue by disabling exception message exposure to clients to avoid returning parsing exception messages in HTTP responses and/or disabling source inclusion in exceptions to prevent Jackson from embedding any source content in exception messages, avoiding leakage.

A remote code execution vulnerability in SpiceDB (CVSS 3.7). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

CVE-2025-33031 is an improper certificate validation vulnerability in Synology File Station 5 that allows authenticated remote attackers to compromise system confidentiality, integrity, and availability. An attacker with valid user credentials can exploit insufficient SSL/TLS certificate validation to perform man-in-the-middle attacks or bypass security controls. The vulnerability has a high CVSS score of 8.8 and affects all versions of File Station 5 prior to 5.5.6.4847; patches are available from Synology.

An out-of-bounds read vulnerability has been reported to affect File Station 5. If a local attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4847 and later

CVE-2025-22486 is an improper certificate validation vulnerability in Synology File Station 5 that allows authenticated remote attackers to compromise system confidentiality, integrity, and availability. The vulnerability affects File Station 5 versions prior to 5.5.6.4791, and while it requires valid user credentials (PR:L in CVSS), the lack of user interaction requirement (UI:N) and network accessibility (AV:N) make it a high-severity threat in multi-user environments. No confirmed KEV or active exploitation data is available at this time, but the high CVSS score of 8.8 and the nature of certificate validation bypass attacks warrant immediate patching.

Format string vulnerability in QNAP Qsync Central that allows authenticated remote attackers to read sensitive data or modify memory without user interaction. The vulnerability affects all versions prior to Qsync Central 4.5.0.6 (released March 20, 2025), with a CVSS score of 8.1 indicating high severity. While no public exploit or KEV status is currently documented, the low attack complexity and requirement for only low-privilege user access make this a significant risk for organizations running vulnerable versions.

Critical deserialization of untrusted data vulnerability in Apache InLong versions 1.13.0 through 2.0.x that allows authenticated attackers to read arbitrary files through parameter manipulation ('double writing' the param). With a CVSS 9.8 score and network-based attack vector requiring no user interaction, this represents a high-severity information disclosure risk affecting data ingestion pipeline deployments.

Critical SQL injection vulnerability in 1000 Projects ABC Courier Management System version 1.0, affecting the /admin endpoint's Username parameter. An unauthenticated remote attacker can exploit this to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or deletion. The vulnerability has been publicly disclosed with proof-of-concept availability, significantly increasing real-world exploitation risk.

CVE-2025-38002 is a security vulnerability (CVSS 5.5). Risk factors: public PoC available. Vendor patch is available.

A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again.

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in esigngenie Foxit eSign for WordPress allows Retrieve Embedded Sensitive Data. This issue affects Foxit eSign for WordPress: from n/a through 2.0.3.

Insertion of Sensitive Information Into Sent Data vulnerability in CodeRevolution Crawlomatic Multisite Scraper Post Generator allows Retrieve Embedded Sensitive Data. This issue affects Crawlomatic Multisite Scraper Post Generator: from n/a through 2.6.8.2.

A security vulnerability in Cozmoslabs Profile Builder allows Phishing (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in whassan KI Live Video Conferences allows Retrieve Embedded Sensitive Data. This issue affects KI Live Video Conferences: from n/a through 5.5.15.

PHP Local File Inclusion (LFI) vulnerability in choicehomemortgage AI Mortgage Calculator versions up to 1.0.1, caused by improper input validation on file inclusion statements. An authenticated attacker with low privileges can exploit this vulnerability over the network to read arbitrary files from the server, potentially leading to information disclosure, privilege escalation, or remote code execution. The high CVSS score of 7.5 reflects the severity of potential impacts (confidentiality, integrity, availability compromise), though the requirement for authenticated access and high attack complexity somewhat limit real-world exploitability.

The Simple History plugin for WordPress is vulnerable to sensitive data exposure via Detective Mode due to improper sanitization within the append_debug_info_to_context() function in versions prior to 5.8.1. When Detective Mode is enabled, the plugin’s logger captures the entire contents of $_POST (and sometimes raw request bodies or $_GET) without redacting any password‐related keys. As a result, whenever a user submits a login form, whether via native wp_login or a third‐party login widget, their actual password is written in clear text into the logs. An authenticated attacker or any user whose actions generate a login event will have their password recorded; an administrator (or anyone with database read access) can then read those logs and retrieve every captured password.

PHP Local File Inclusion (LFI) vulnerability in StylemixThemes Motors - Events plugin affecting versions up to 1.4.7, allowing unauthenticated remote attackers to include and execute arbitrary PHP files under certain conditions. With a CVSS score of 9.0 and network accessibility, this vulnerability enables complete system compromise through code execution. Active exploitation status and proof-of-concept availability should be verified through KEV database and security research databases.

A remote code execution vulnerability in IDF (CVSS 5.1). Remediation should follow standard vulnerability management procedures.

A remote code execution vulnerability in IDF (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

SourceCodester Open Source Clinic Management System version 1.0 contains a critical SQL injection vulnerability in the /email_config.php file affecting the 'email' parameter. An unauthenticated remote attacker can exploit this to execute arbitrary SQL commands, potentially leading to unauthorized data access, modification, or system compromise. Public disclosure and exploit code availability significantly elevate real-world risk.

Missing authorization vulnerability in Soar Cloud HRD Human Resource Management System versions up to 7.3.2025.0408 that allows unauthenticated remote attackers to modify critical system settings without any credentials or user interaction. This is a high-severity integrity violation (CVSS 7.5) affecting HR management infrastructure; attackers can alter configurations that may impact payroll, employee records, access controls, and compliance functions. No exploitation complexity is required (AC:L, PR:N), making this vulnerability immediately exploitable in real-world environments.

CVE-2025-48783 is an external control of file name or path vulnerability (CWE-73) in the delete file function of Soar Cloud HRD Human Resource Management System versions up to 7.3.2025.0408, allowing unauthenticated remote attackers to delete arbitrary files by manipulating file path parameters. The vulnerability has a CVSS score of 7.5 with high integrity impact, enabling attackers to perform unauthorized file deletion without authentication. Exploitation requires only network access and no user interaction, making this a significant threat to organizations using affected HRD system versions.

A remote code execution vulnerability in the download file function of Soar Cloud HRD Human Resource Management System (CVSS 7.5) that allows remote attackers. High severity vulnerability requiring prompt remediation.

Critical path traversal vulnerability (CWE-23) that allows unauthenticated remote attackers to read, write, or delete arbitrary files on affected servers with a CVSS score of 9.8. The vulnerability requires no user interaction, has low attack complexity, and grants complete confidentiality, integrity, and availability impact. Without access to KEV status, EPSS scores, POC details, or specific CPE identifiers from the provided data, this appears to be a severe vulnerability affecting multiple server-side products; confirmation of active exploitation status and patch availability requires cross-referencing official vendor security advisories.

CVE-2025-48911 is an improper permission assignment vulnerability in a note sharing module that allows local attackers with user interaction to compromise system availability and potentially access sensitive information. The vulnerability has a CVSS score of 8.2 (High) with a broad scope impact, though specific affected products, patch status, and exploitation telemetry are not provided in the available intelligence sources. Without KEV confirmation or EPSS data, the real-world exploitation risk cannot be definitively assessed, but the local attack vector and user interaction requirement suggest this is less critical than remote, unauthenticated vulnerabilities.

Bypass vulnerability in device management channels that allows unauthenticated attackers on adjacent networks to compromise service confidentiality and cause minor availability impact. The vulnerability affects device management implementations across multiple vendors (specific products require vendor advisories to identify). While no active exploitation in the wild has been confirmed in public KEV databases at time of analysis, the 7.1 CVSS score and high confidentiality impact warrant immediate attention for organizations managing devices on trusted networks.

CVE-2025-48908 is a security vulnerability (CVSS 6.7). Remediation should follow standard vulnerability management procedures.

WebAssembly exception handling vulnerability in the arkweb v8 module that prevents proper capture of specific Wasm exception types, potentially allowing attackers to bypass security controls or trigger unexpected application behavior. The vulnerability affects arkweb's V8 integration layer and requires network access but high attack complexity to exploit. While the CVSS score of 8.1 indicates high severity with potential impacts to confidentiality, integrity, and availability, real-world exploitability depends on whether active exploitation or proof-of-concept code exists.

A remote code execution vulnerability (CVSS 6.6). Remediation should follow standard vulnerability management procedures.

A security vulnerability in for WordPress is vulnerable to Full Path Disclosure in all (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

A security vulnerability in A vulnerability (CVSS 3.8). Risk factors: public PoC available.

A security vulnerability in SystemUI (CVSS 4.8) that allows access. Remediation should follow standard vulnerability management procedures.

IBM Verify Identity Access Digital Credentials 24.06 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.

CVE-2024-22330 is a security vulnerability (CVSS 5.9). Remediation should follow standard vulnerability management procedures.

Critical information disclosure vulnerability in Microsoft Power Automate that allows unauthenticated remote attackers to expose sensitive information and escalate privileges across a network without requiring user interaction. With a CVSS score of 9.8 and an unauthenticated attack vector, this vulnerability represents an immediate and severe risk to organizations using Power Automate; exploitation is likely being actively pursued given the severity metrics and network-accessible nature of the vulnerability.

A security vulnerability in the GNU C Library (CVSS 5.6). Remediation should follow standard vulnerability management procedures.

A security vulnerability in the GNU C Library (CVSS 5.6). Remediation should follow standard vulnerability management procedures.

Para is a multitenant backend server/framework for object persistence and retrieval. A vulnerability that exists in versions prior to 1.50.8 in `FacebookAuthFilter.java` results in a full request URL being logged during a failed request to a Facebook user profile. The log includes the user's access token in plain text. Since WARN-level logs are often retained in production and accessible to operators or log aggregation systems, this poses a risk of token exposure. Version 1.50.8 fixes the issue.

The Yii 2 Redis extension provides the redis key-value store support for the Yii framework 2.0. On failing connection, the extension writes commands sequence to logs. Prior to version 2.0.20, AUTH parameters are written in plain text exposing username and password. That might be an issue if attacker has access to logs. Version 2.0.20 fixes the issue.

A remote code execution vulnerability in A vulnerability classified as critical (CVSS 5.3). Risk factors: public PoC available.

PostgreSQL Anonymizer v2.0 and v2.1 contain a vulnerability that allows a masked user to bypass the masking rules defined on a table and read the original data using a database cursor or the --insert option of pg_dump. This problem occurs only when dynamic masking is enabled, which is not the default setting. The problem is resolved in version 2.2.1

A security vulnerability in Next.js applications. In Auth0 Next.js SDK (CVSS 7.7). High severity vulnerability requiring prompt remediation.

A security vulnerability in Deno (CVSS 5.3). Risk factors: public PoC available. Vendor patch is available.

A security vulnerability in FreshRSS (CVSS 4.3). Risk factors: public PoC available. Vendor patch is available.

FreshRSS versions prior to 1.26.2 suffer from an information disclosure vulnerability that allows unauthenticated remote attackers to enumerate server directories and infer installed software versions (such as PHP versions) without requiring privileges or user interaction. This information leakage can be weaponized for reconnaissance to identify additional attack surfaces. The vulnerability has a CVSS 3.1 score of 7.5 (High) with a network attack vector and no complexity barriers, making it trivially exploitable at scale.