| CVE | Severity | CVSS | EPSS | Fix status | Published | Description |
|---|---|---|---|---|---|---|
| CVE-2026-56124 | High | 7.5 v3 | 0.4% | No fix available yet | 2026-06-29 | phpUploader before 2.0.2 contains an unauthenticated information disclosure vulnerability that allows remote attackers to access the full contents of the uploaded-files database table by visiting any page of the application. The index model executes an unbounded SELECT query and embeds the complete JSON-encoded result set in an inline script block, exposing uploader IP addresses, Argon2ID key hashes, internal filenames, and SHA-256 fingerprints. |
| CVE-2026-57664 | Medium | 4.3 v3 | 0.2% | No fix available yet | 2026-06-26 | Unauthenticated Sensitive Data Exposure in Bopo – WooCommerce Product Bundle Builder <= 1.1.6 versions. |
| CVE-2026-57633 | Medium | 5.3 v3 | 0.2% | No fix available yet | 2026-06-26 | Unauthenticated Sensitive Data Exposure in WCBoost – Products Compare <= 1.1.0 versions. |
| CVE-2026-57316 | Medium | 6.5 v3 | 0.4% | No fix available yet | 2026-06-26 | Subscriber Sensitive Data Exposure in GetGenie <= 4.4.2 versions. |
| CVE-2026-56060 | High | 7.5 v3 | 0.3% | No fix available yet | 2026-06-26 | Unauthenticated Sensitive Data Exposure in Print Invoice & Delivery Notes for WooCommerce <= 7.1.1 versions. |
| CVE-2026-54824 | High | 7.5 v3 | 0.3% | No fix available yet | 2026-06-26 | Unauthenticated Sensitive Data Exposure in Ads by WPQuads <= 3.0.3 versions. |
| CVE-2026-9307 | Medium | 6.3 v4 | 0.3% | No fix available yet | 2026-06-16 | A sensitive information disclosure security issue exists within the affected CompactLogix controllers. The controller's web server exposes CIP Connection IDs on the diagnostics webpage, which are accessible to any unauthenticated user on the network. This information can be leveraged by an attacker to construct malicious packets, leading to Denial-of-Service. |
| CVE-2026-52694 | High | 7.5 v3 | 0.2% | No fix available yet | 2026-06-15 | Unauthenticated Sensitive Data Exposure in Signature Add-On for WooCommerce <= 2.0 versions. |
| CVE-2026-49068 | High | 7.5 v3 | 0.4% | No fix available yet | 2026-06-15 | Subscriber Sensitive Data Exposure in Coupon Affiliates <= 7.8.1 versions. |
| CVE-2026-49066 | High | 7.5 v3 | 0.3% | No fix available yet | 2026-06-15 | Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway <= 6.0.0 versions. |
| CVE-2026-49056 | High | 7.5 v3 | 0.3% | No fix available yet | 2026-06-15 | Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels <= 4.9.4 versions. |
| CVE-2026-48878 | Medium | 6.5 v3 | 0.3% | No fix available yet | 2026-06-15 | Subscriber Sensitive Data Exposure in Visual Link Preview <= 2.4.1 versions. |
| CVE-2026-42660 | Medium | 6.5 v3 | 0.3% | No fix available yet | 2026-06-15 | Subscriber Sensitive Data Exposure in Contest Gallery <= 28.1.7 versions. |
| CVE-2026-40796 | Medium | 6.5 v3 | 0.3% | No fix available yet | 2026-06-15 | Subscriber Sensitive Data Exposure in WPPizza <= 3.19.9 versions. |
| CVE-2026-34891 | High | 7.5 v3 | 0.3% | No fix available yet | 2026-06-15 | Unauthenticated Sensitive Data Exposure in IDPay Payment Gateway for Woocommerce <= 2.2.5 versions. |
| CVE-2026-24618 | Medium | 4.3 v3 | 0.2% | No fix available yet | 2026-06-12 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in HashThemes Hash Elements allows Retrieve Embedded Sensitive Data. This issue affects Hash Elements: from n/a through 1.5.4. |
| CVE-2026-0466 | Medium | 5.5 v3 | 0.1% | Fix available | 2026-06-09 | Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in a crash or denial of service. |
| CVE-2026-44743 | Low | 3.7 v3 | 0.2% | No fix available yet | 2026-06-09 | Under certain conditions, when an unauthorized attacker accesses a specific endpoint, the SAP Business Objects application leaks sensitive information. This has a low impact on the confidentiality of the data. There is no impact on the integrity and availability of the application. |
| CVE-2026-49077 | Medium | 5.3 v3 | 0.2% | No fix available yet | 2026-06-04 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Tips and Tricks HQ WP eMember allows Retrieve Embedded Sensitive Data. This issue affects WP eMember: from n/a through v10.2.2. |
| CVE-2026-44749 | Medium | 4.3 v3 | 0.3% | No fix available yet | 2026-05-26 | The SAP Gateway allows attackers to inject content into error messages, potentially leading to disclosure of request artefacts (e.g., regex patterns) and revealing underlying URI parsing logic. This leads to a low impact on confidentiality. Integrity and availability are unaffected. |
| CVE-2018-25358 | High | 7.5 v3 | 0.6% | No fix available yet | 2026-05-23 | D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the table_name parameter in POST requests. Attackers can send requests to /my_cgi.cgi with table_name values like admin_user, wireless_settings, and wireless_security to extract administrative credentials and wireless network keys in clear text. |
| CVE-2026-27349 | Medium | 4.3 v3 | 0.2% | No fix available yet | 2026-05-21 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPFunnels Team Mail Mint allows Retrieve Embedded Sensitive Data. This issue affects Mail Mint: from n/a through 1.19.5. |
| CVE-2026-0240 | Medium | 4.5 v4 | 0.2% | No fix available yet | 2026-05-13 | An information disclosure vulnerability in Trust Protection Foundation enables an authenticated attacker to obtain sensitive information from the server's vault. Successful exploitation of this issue allows the attacker to impersonate any user within the environment and arbitrarily modify configuration settings. |
| CVE-2026-0239 | Medium | 4.9 v4 | 0.2% | No fix available yet | 2026-05-13 | An information disclosure vulnerability in the Chronosphere Chronocollector enables an unauthenticated attacker with network access to the collector service to retrieve sensitive information. |
| CVE-2026-43654 | High | 7.5 v3 | 0.3% | Fix available | 2026-05-11 | The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to disclose kernel memory. |
| CVE-2026-7864 | Medium | 6.9 v4 | 17% | No fix available yet | 2026-05-08 | SEPPmail Secure Email Gateway before version 15.0.4 exposes server environment variables through an unauthenticated endpoint in the new GINA UI, allowing remote attackers to obtain sensitive system information. |
| CVE-2026-41928 | Medium | 5.3 v3 | 0.4% | No fix available yet | 2026-05-07 | Vvveb before 1.0.8.2 contains an information disclosure vulnerability in the cron controller that allows unauthenticated attackers to retrieve the application's secret cron key. Attackers can access the cron controller without authentication and retrieve the exposed secret key from the response, enabling them to trigger scheduled task execution outside of the intended schedule. |
| CVE-2026-42047 | High | 8.6 v3 | 0.4% | Fix available | 2026-05-07 | Inngest is a platform for running event-driven and scheduled background functions with queueing, retries, and step orchestration. Versions 3.22.0 through 3.53.1 contain a vulnerability that allows unauthenticated remote attackers to exfiltrate environment variables from the host process via the serve() HTTP handler. The serve() handler implements GET, POST, and PUT methods. Requests using PATCH, OPTIONS, or DELETE fall through to a generic handler that returns diagnostic information. A change introduced in v3.22.0 caused this diagnostic response to include the contents of process.env, exposing any secrets, API keys, or credentials present in the environment. An application is vulnerable if its serve() endpoint is reachable via PATCH, OPTIONS, or DELETE requests, which is common in setups l |
| CVE-2026-25468 | Medium | 5.3 v3 | 0.3% | No fix available yet | 2026-05-07 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs Happy Addons for Elementor allows Retrieve Embedded Sensitive Data. This issue affects Happy Addons for Elementor: from n/a through 3.20.8. |
| CVE-2026-42644 | Medium | 5.3 v3 | 0.2% | No fix available yet | 2026-04-29 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPDeveloper BetterDocs betterdocs allows Retrieve Embedded Sensitive Data. This issue affects BetterDocs: from n/a through <= 4.3.10. |
| CVE-2026-24222 | High | 8.6 v3 | 0.4% | Fix available | 2026-04-28 | NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly restricted during sandbox creation. A successful exploit of this vulnerability might lead to information disclosure. |
| CVE-2026-41339 | Medium | 4.3 v3 | 0.3% | Fix available | 2026-04-23 | OpenClaw before 2026.4.2 exposes configPath and stateDir metadata in Gateway connect success snapshots to non-admin authenticated clients. Non-admin clients can recover host-specific filesystem paths and deployment details, enabling host fingerprinting and facilitating chained attacks. |
| CVE-2026-41335 | Medium | 5.3 v3 | 0.3% | Fix available | 2026-04-23 | OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON that exposes version and assistant agent identifiers. Attackers can extract sensitive fingerprinting information from the Control UI bootstrap payload to identify system versions and agent configurations. |
| CVE-2026-41459 | Medium | 5.3 v3 | 0.8% | No fix available yet | 2026-04-22 | Xerte Online Toolkits versions 3.15 and earlier contain an information disclosure vulnerability that allows unauthenticated attackers to retrieve the full server-side filesystem path of the application root. Attackers can send a GET request to the /setup page to access the exposed root_path value rendered in the HTML response, which enables exploitation of path-dependent vulnerabilities such as relative path traversal in connector.php. |
| CVE-2026-34413 | High | 8.6 v3 | 2.8% | No fix available yet | 2026-04-22 | Xerte Online Toolkits versions 3.15 and earlier contain a missing authentication vulnerability in the elFinder connector endpoint at /editor/elfinder/php/connector.php where an HTTP redirect to unauthenticated callers does not call exit() or die(), allowing PHP execution to continue and process the full request server-side. Unauthenticated attackers can perform file operations on project media directories including creating directories, uploading files, renaming files, duplicating files, overwriting files, and deleting files, which can be chained with path traversal and extension blocklist vulnerabilities to achieve remote code execution and arbitrary file read. |
| CVE-2025-15623 | High | 7.5 v3 | 0.3% | No fix available yet | 2026-04-17 | Exposure of Private Personal Information to an Unauthorized Actor and Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server. An unauthenticated user can retrieve the database password in plaintext in certain situations. |
| CVE-2026-39686 | Medium | 5.3 v3 | 0.2% | No fix available yet | 2026-04-08 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in bannersky BSK PDF Manager bsk-pdf-manager allows Retrieve Embedded Sensitive Data. This issue affects BSK PDF Manager: from n/a through <= 3.7.2. |
| CVE-2026-39572 | Medium | 4.3 v3 | 0.2% | No fix available yet | 2026-04-08 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in magepeopleteam Bus Ticket Booking with Seat Reservation bus-ticket-booking-with-seat-reservation allows Retrieve Embedded Sensitive Data. This issue affects Bus Ticket Booking with Seat Reservation: from n/a through < 5.6.5. |
| CVE-2026-39571 | Medium | 5.3 v3 | 0.2% | No fix available yet | 2026-04-08 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Themefic Instantio instantio allows Retrieve Embedded Sensitive Data. This issue affects Instantio: from n/a through <= 3.3.30. |
| CVE-2026-39566 | Medium | 4.3 v3 | 0.2% | No fix available yet | 2026-04-08 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Designinvento DirectoryPress directorypress allows Retrieve Embedded Sensitive Data. This issue affects DirectoryPress: from n/a through <= 3.6.26. |
| CVE-2026-39536 | Medium | 5.3 v3 | 0.2% | No fix available yet | 2026-04-08 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data. This issue affects RSVP and Event Management: from n/a through <= 2.7.16. |
| CVE-2026-39516 | Medium | 5.3 v3 | 0.2% | No fix available yet | 2026-04-08 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data. This issue affects Nexter Blocks: from n/a through <= 4.7.0. |
| CVE-2026-39469 | Medium | 4.3 v3 | 0.2% | No fix available yet | 2026-04-08 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Softaculous PageLayer pagelayer allows Retrieve Embedded Sensitive Data. This issue affects PageLayer: from n/a through <= 2.0.8. |
| CVE-2026-33617 | Medium | 5.3 v3 | 0.3% | No fix available yet | 2026-04-02 | An unauthenticated remote attacker can access a configuration file containing database credentials. This can result in some loss of confidentiality, but there is no endpoint exposed to use these credentials. |
| CVE-2025-36373 | Medium | 4.1 v3 | 0.3% | Fix available | 2026-04-01 | IBM DataPower Gateway 10.6CD 10.6.1.0 through 10.6.5.0, IBM DataPower Gateway 10.5.0 10.5.0.0 through 10.5.0.20, and IBM DataPower Gateway 10.6.0 10.6.0.0 through 10.6.0.8 could disclose sensitive system information from other domains to an administrative user. |
| CVE-2026-25344 | Medium | 6.5 v3 | 0.3% | No fix available yet | 2026-03-25 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RadiusTheme Review Schema review-schema allows Retrieve Embedded Sensitive Data. This issue affects Review Schema: from n/a through <= 2.2.6. |
| CVE-2026-20691 | Medium | 4.3 v3 | 0.3% | Fix available | 2026-03-25 | An authorization issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A maliciously crafted webpage may be able to fingerprint the user. |
| CVE-2026-32405 | Medium | 5.3 v3 | 0.2% | No fix available yet | 2026-03-13 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in xtemos WoodMart woodmart allows Retrieve Embedded Sensitive Data. This issue affects WoodMart: from n/a through <= 8.3.9. |
| CVE-2026-32372 | Medium | 5.3 v3 | 0.3% | No fix available yet | 2026-03-13 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RadiusTheme ShopBuilder – Elementor WooCommerce Builder Addons shopbuilder allows Retrieve Embedded Sensitive Data. This issue affects ShopBuilder – Elementor WooCommerce Builder Addons: from n/a through <= 3.2.4. |
| CVE-2026-0231 | Unscored | - | 0.2% | No fix available yet | 2026-03-11 | An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering a live terminal session via the Cortex UI and modifying any configuration setting. The attacker must have network access to the Broker VM to exploit this issue. |
Uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog.