VYPR

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

ClassDraftLikelihood: High

Description

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-116 · CAPEC-13 · CAPEC-169 · CAPEC-22 · CAPEC-224 · CAPEC-285 · CAPEC-287 · CAPEC-290 · CAPEC-291 · CAPEC-292 · CAPEC-293 · CAPEC-294 · CAPEC-295 · CAPEC-296 · CAPEC-297 · CAPEC-298 · CAPEC-299 · CAPEC-300 · CAPEC-301 · CAPEC-302 · CAPEC-303 · CAPEC-304 · CAPEC-305 · CAPEC-306 · CAPEC-307 · CAPEC-308 · CAPEC-309 · CAPEC-310 · CAPEC-312 · CAPEC-313 · CAPEC-317 · CAPEC-318 · CAPEC-319 · CAPEC-320 · CAPEC-321 · CAPEC-322 · CAPEC-323 · CAPEC-324 · CAPEC-325 · CAPEC-326 · CAPEC-327 · CAPEC-328 · CAPEC-329 · CAPEC-330 · CAPEC-472 · CAPEC-497 · CAPEC-508 · CAPEC-573 · CAPEC-574 · CAPEC-575 · CAPEC-576 · CAPEC-577 · CAPEC-59 · CAPEC-60 · CAPEC-616 · CAPEC-643 · CAPEC-646 · CAPEC-651 · CAPEC-79

CVEs mapped to this weakness (7,319)

page 97 of 366
  • CVE-2015-3197MedFeb 15, 2016
    risk 0.39cvss 5.9epss 0.11

    ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the…

  • CVE-2016-0201MedJan 18, 2016
    risk 0.39cvss 5.9epss 0.02

    GSKit in IBM Security Network Protection 5.3.1 before 5.3.1.7 and 5.3.2 allows remote attackers to discover credentials by triggering an MD5 collision.

  • CVE-2011-4107MedNov 17, 2011
    risk 0.39cvss 6.5epss 0.13

    The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references, aka an XML external…

  • CVE-2007-2479MedMay 3, 2007
    risk 0.39cvss 5.9epss 0.03

    Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially sensitive information via long CTCP PING messages that contain UTF-8 characters, which generates a malformed response that is not truncated by a newline, which can cause portions of a…

  • CVE-2026-55882higJun 19, 2026
    risk 0.38cvss epss

    ## Summary The Tilt HUD server mounts Go's `net/http/pprof` handlers under `/debug` with no access control. When the HUD is network-exposed, an attacker can read process memory — including session and apiserver tokens — and hold the process under profiling. ## Details A…

  • CVE-2026-54304higJun 16, 2026
    risk 0.38cvss epss 0.00

    ## Impact An authenticated user with permission to create or modify workflows and access to a SecurityScorecard credential with limited allowed domains could configure the SecurityScorecard node's report download operation to target an attacker-controlled URL. The node attached…

  • CVE-2026-54305higJun 16, 2026
    risk 0.38cvss epss 0.00

    ## Impact Three EE endpoints used by the Dynamic Credentials feature accepted any authenticated n8n session without performing per-resource ownership or scope checks on the target workflow or credential. An authenticated user with no project membership or credential sharing…

  • CVE-2026-49853higJun 15, 2026
    risk 0.38cvss epss

    ## Summary When SimpleAsyncHTTPClient follows a 3xx redirect, it shallow-copies the original HTTPRequest, rewrites the URL, decrements max_redirects, and removes only the Host header. It does not clear Authorization, auth_username, auth_password, or auth_mode when the redirect…

  • CVE-2026-53571higJun 15, 2026
    risk 0.38cvss epss 0.00

    ### Summary The contents of files that are specified by [`server.fs.deny`](https://vite.dev/config/server-options#server-fs-deny) can be returned to the browser on Windows. ### Impact Only apps that match the following conditions are affected: - explicitly exposes the Vite…

  • CVE-2026-44206MedJun 12, 2026
    risk 0.38cvss epss 0.00

    Frappe is a full-stack web application framework. Prior to versions 15.107.2 and 16.17.4, DB Schema Enumeration is possible through exploiting an endpoint. This issue has been patched in versions 15.107.2 and 16.17.4.

  • CVE-2026-47701higJun 10, 2026
    risk 0.38cvss epss 0.00

    ## Affected Repository: github.com/open-telemetry/opentelemetry-operator Component: cmd/otel-allocator (TargetAllocator) Companion: Prometheus Operator API types (CRDs) ## Summary OpenTelemetry Operator's TargetAllocator watches `ServiceMonitor` resources via the Prometheus…

  • CVE-2026-47743higJun 5, 2026
    risk 0.38cvss epss 0.00

    ## Impact Three related defects on admin Livewire components allowed data tampering, sensitive data disclosure, and stored XSS: - **IDOR via unlocked properties.** Several Livewire components in the admin panel exposed Eloquent model identifiers as public properties without…

  • CVE-2026-45726higJun 5, 2026
    risk 0.38cvss epss 0.00

    ## Summary Omni supports importing standalone Talos clusters. During this process, an ImportedClusterSecrets resource is created, which contains the full CA secrets bundle for the cluster being imported. If these secrets are not rotated by the importing actor, an…

  • CVE-2026-47394higMay 29, 2026
    risk 0.38cvss epss 0.00

    ## Summary The fix for GHSA-9mqq-jqxf-grvw / CVE-2026-44336 is incomplete. The original advisory description named four vulnerable handlers in `mcp_server/adapters/cli_tools.py`: > "registers four file-handling tools by default, `praisonai.rules.create`,…

  • CVE-2026-41960MedMay 15, 2026
    risk 0.38cvss 5.8epss 0.00

    Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability.

  • CVE-2026-42871MedMay 11, 2026
    risk 0.38cvss epss 0.00

    WeGIA is a web manager for charitable institutions. In versions prior to 3.7.0, atendido/familiar_docfamiliar.php displays an overly descriptive error message, including database-related details. This verbosity leads to information disclosure, which could assist a potential…

  • CVE-2026-34318MedApr 21, 2026
    risk 0.38cvss 5.8epss 0.00

    Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple…

  • CVE-2025-67805MedApr 1, 2026
    risk 0.38cvss 5.9epss 0.00

    A non-default configuration in Sage DPW 2025_06_004 allows unauthenticated access to diagnostic endpoints within the Database Monitor feature, exposing sensitive information such as hashes and table names. This feature is disabled by default in all installations and never…

  • CVE-2026-32265MedMar 18, 2026
    risk 0.38cvss epss 0.00

    The Amazon S3 for Craft CMS plugin provides an Amazon S3 integration for Craft CMS. In versions 2.0.2 through 2.2.4, unauthenticated users can view a list of buckets the plugin has access to. The `BucketsController->actionLoadBucketData()` endpoint allows unauthenticated users…

  • CVE-2026-1867MedMar 11, 2026
    risk 0.38cvss 5.9epss 0.00

    The Guest posting / Frontend Posting / Front Editor WordPress plugin before 5.0.6 allows passing a URL parameter to regenerate a .json file based on demo data that it initially creates. If an administrator modifies the demo form and enables admin notifications in the Guest…