CWE-497
AllowedExposure of Sensitive System Information to an Unauthorized Control Sphere
Abstraction: Base · Status: Incomplete
The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.
669 vulnerabilities reference this CWE, most recent first.
GHSA-2C9X-Q6G3-36C7
Vulnerability from github – Published: 2026-07-14 18:32 – Updated: 2026-07-14 18:32Exposure of sensitive system information to an unauthorized control sphere in Windows Kernel allows an unauthorized attacker to disclose information locally.
{
"affected": [],
"aliases": [
"CVE-2026-50294"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-14T17:16:57Z",
"severity": "MODERATE"
},
"details": "Exposure of sensitive system information to an unauthorized control sphere in Windows Kernel allows an unauthorized attacker to disclose information locally.",
"id": "GHSA-2c9x-q6g3-36c7",
"modified": "2026-07-14T18:32:03Z",
"published": "2026-07-14T18:32:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50294"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50294"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2F38-FVH4-3V69
Vulnerability from github – Published: 2026-07-13 12:35 – Updated: 2026-07-13 12:35Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in EDGARROJAS WooCommerce PDF Invoice Builder woo-pdf-invoice-builder allows Retrieve Embedded Sensitive Data.This issue affects WooCommerce PDF Invoice Builder: from n/a through <= 2.0.8.
{
"affected": [],
"aliases": [
"CVE-2026-57393"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-13T10:16:32Z",
"severity": "MODERATE"
},
"details": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in EDGARROJAS WooCommerce PDF Invoice Builder woo-pdf-invoice-builder allows Retrieve Embedded Sensitive Data.This issue affects WooCommerce PDF Invoice Builder: from n/a through \u003c= 2.0.8.",
"id": "GHSA-2f38-fvh4-3v69",
"modified": "2026-07-13T12:35:02Z",
"published": "2026-07-13T12:35:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-57393"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Plugin/woo-pdf-invoice-builder/vulnerability/wordpress-woocommerce-pdf-invoice-builder-plugin-2-0-8-sensitive-data-exposure-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2FCH-5G6G-5J6Q
Vulnerability from github – Published: 2026-06-15 21:30 – Updated: 2026-06-15 21:30Subscriber Sensitive Data Exposure in Coupon Affiliates <= 7.8.1 versions.
{
"affected": [],
"aliases": [
"CVE-2026-49068"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-15T21:17:19Z",
"severity": "HIGH"
},
"details": "Subscriber Sensitive Data Exposure in Coupon Affiliates \u003c= 7.8.1 versions.",
"id": "GHSA-2fch-5g6g-5j6q",
"modified": "2026-06-15T21:30:49Z",
"published": "2026-06-15T21:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-49068"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/woo-coupon-usage/vulnerability/wordpress-coupon-affiliates-plugin-7-8-1-sensitive-data-exposure-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2FXJ-84G8-M9VW
Vulnerability from github – Published: 2024-07-09 12:30 – Updated: 2024-07-09 12:30A vulnerability has been identified in RUGGEDCOM RMC30 (All versions < V4.3.10), RUGGEDCOM RMC30NC (All versions < V4.3.10), RUGGEDCOM RP110 (All versions < V4.3.10), RUGGEDCOM RP110NC (All versions < V4.3.10), RUGGEDCOM RS400 (All versions < V4.3.10), RUGGEDCOM RS400NC (All versions < V4.3.10), RUGGEDCOM RS401 (All versions < V4.3.10), RUGGEDCOM RS401NC (All versions < V4.3.10), RUGGEDCOM RS416 (All versions < V4.3.10), RUGGEDCOM RS416NC (All versions < V4.3.10), RUGGEDCOM RS416NCv2 V4.X (All versions < V4.3.10), RUGGEDCOM RS416NCv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416P (All versions < V4.3.10), RUGGEDCOM RS416PNC (All versions < V4.3.10), RUGGEDCOM RS416PNCv2 V4.X (All versions < V4.3.10), RUGGEDCOM RS416PNCv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416Pv2 V4.X (All versions < V4.3.10), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416v2 V4.X (All versions < V4.3.10), RUGGEDCOM RS416v2 V5.X (All versions < V5.9.0), RUGGEDCOM RS910 (All versions < V4.3.10), RUGGEDCOM RS910L (All versions), RUGGEDCOM RS910LNC (All versions), RUGGEDCOM RS910NC (All versions < V4.3.10), RUGGEDCOM RS910W (All versions < V4.3.10), RUGGEDCOM RS920L (All versions), RUGGEDCOM RS920LNC (All versions), RUGGEDCOM RS920W (All versions). In some configurations the affected products wrongly enable the Modbus service in non-managed VLANS. Only serial devices are affected by this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2024-39675"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-09T12:15:17Z",
"severity": "HIGH"
},
"details": "A vulnerability has been identified in RUGGEDCOM RMC30 (All versions \u003c V4.3.10), RUGGEDCOM RMC30NC (All versions \u003c V4.3.10), RUGGEDCOM RP110 (All versions \u003c V4.3.10), RUGGEDCOM RP110NC (All versions \u003c V4.3.10), RUGGEDCOM RS400 (All versions \u003c V4.3.10), RUGGEDCOM RS400NC (All versions \u003c V4.3.10), RUGGEDCOM RS401 (All versions \u003c V4.3.10), RUGGEDCOM RS401NC (All versions \u003c V4.3.10), RUGGEDCOM RS416 (All versions \u003c V4.3.10), RUGGEDCOM RS416NC (All versions \u003c V4.3.10), RUGGEDCOM RS416NCv2 V4.X (All versions \u003c V4.3.10), RUGGEDCOM RS416NCv2 V5.X (All versions \u003c V5.9.0), RUGGEDCOM RS416P (All versions \u003c V4.3.10), RUGGEDCOM RS416PNC (All versions \u003c V4.3.10), RUGGEDCOM RS416PNCv2 V4.X (All versions \u003c V4.3.10), RUGGEDCOM RS416PNCv2 V5.X (All versions \u003c V5.9.0), RUGGEDCOM RS416Pv2 V4.X (All versions \u003c V4.3.10), RUGGEDCOM RS416Pv2 V5.X (All versions \u003c V5.9.0), RUGGEDCOM RS416v2 V4.X (All versions \u003c V4.3.10), RUGGEDCOM RS416v2 V5.X (All versions \u003c V5.9.0), RUGGEDCOM RS910 (All versions \u003c V4.3.10), RUGGEDCOM RS910L (All versions), RUGGEDCOM RS910LNC (All versions), RUGGEDCOM RS910NC (All versions \u003c V4.3.10), RUGGEDCOM RS910W (All versions \u003c V4.3.10), RUGGEDCOM RS920L (All versions), RUGGEDCOM RS920LNC (All versions), RUGGEDCOM RS920W (All versions). In some configurations the affected products wrongly enable the Modbus service in non-managed VLANS. Only serial devices are affected by this vulnerability.",
"id": "GHSA-2fxj-84g8-m9vw",
"modified": "2024-07-09T12:30:57Z",
"published": "2024-07-09T12:30:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39675"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-170375.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-2G85-XWQ8-G4F8
Vulnerability from github – Published: 2025-11-21 15:31 – Updated: 2026-01-20 15:31Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Uncanny Owl Uncanny Automator uncanny-automator allows Retrieve Embedded Sensitive Data.This issue affects Uncanny Automator: from n/a through < 6.10.0.
{
"affected": [],
"aliases": [
"CVE-2025-66056"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-21T13:15:46Z",
"severity": "MODERATE"
},
"details": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Uncanny Owl Uncanny Automator uncanny-automator allows Retrieve Embedded Sensitive Data.This issue affects Uncanny Automator: from n/a through \u003c 6.10.0.",
"id": "GHSA-2g85-xwq8-g4f8",
"modified": "2026-01-20T15:31:56Z",
"published": "2025-11-21T15:31:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66056"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Plugin/uncanny-automator/vulnerability/wordpress-uncanny-automator-plugin-6-10-0-sensitive-data-exposure-vulnerability?_s_id=cve"
},
{
"type": "WEB",
"url": "https://vdp.patchstack.com/database/Wordpress/Plugin/uncanny-automator/vulnerability/wordpress-uncanny-automator-plugin-6-10-0-sensitive-data-exposure-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2H3H-VPF4-F727
Vulnerability from github – Published: 2025-12-30 12:30 – Updated: 2026-01-20 15:32Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Roxnor PopupKit popup-builder-block allows Retrieve Embedded Sensitive Data.This issue affects PopupKit: from n/a through <= 2.1.5.
{
"affected": [],
"aliases": [
"CVE-2025-69026"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-30T11:16:01Z",
"severity": "MODERATE"
},
"details": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Roxnor PopupKit popup-builder-block allows Retrieve Embedded Sensitive Data.This issue affects PopupKit: from n/a through \u003c= 2.1.5.",
"id": "GHSA-2h3h-vpf4-f727",
"modified": "2026-01-20T15:32:46Z",
"published": "2025-12-30T12:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69026"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Plugin/popup-builder-block/vulnerability/wordpress-popupkit-plugin-2-1-5-sensitive-data-exposure-vulnerability?_s_id=cve"
},
{
"type": "WEB",
"url": "https://vdp.patchstack.com/database/Wordpress/Plugin/popup-builder-block/vulnerability/wordpress-popupkit-plugin-2-1-5-sensitive-data-exposure-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2JF5-6WWV-VHXX
Vulnerability from github – Published: 2026-05-05 18:13 – Updated: 2026-05-11 13:29Summary
A vulnerability in the Inngest TypeScript SDK versions 3.22.0 through 3.53.1 allows unauthenticated remote attackers to exfiltrate environment variables from the host process via the serve() HTTP handler.
The serve() handler implements GET, POST, and PUT methods. Requests using PATCH, OPTIONS, or DELETE fall through to a generic handler that returns diagnostic information. A change introduced in v3.22.0 caused this diagnostic response to include the contents of process.env, exposing any secrets, API keys, or credentials present in the environment.
Who is affected
An application is vulnerable if all of the following are true:
- It uses
inngestSDK version>= 3.22.0, <= 3.53.1(inclusive) - Its
serve()endpoint is reachable viaPATCH,OPTIONS, orDELETErequests.
Please check your framework's implementation for the serve handler (documentation) to asses whether it handles these HTTP methods. Common vulnerable configurations include:
- Next.js Pages Router, which forwards all HTTP methods to the handler.
- Express via
app.use('/api/inngest', serve(...)), which routesPATCHandOPTIONSto the handler by default.
The following are not affected:
- Next.js App Router handlers that explicitly export only
GET,POST, andPUT. - Applications using the
connectworker method. - SDK versions
< 3.22.0and>= 3.54.0, including all4.xreleases.
The vulnerability was responsibly disclosed by an Inngest user. At this time, there are no known reports of exploitation.
Remediation
- Upgrade to
inngest@3.54.0or later. The fix is backwards compatible with the3.xrelease line. The4.xline is also unaffected. - Rotate any secrets that were presence in environment variables (
process.env) within affected environments including Inngest signing keys and event keys - Search logs for any requests to your
serveendpoints using thePATCH,OPTIONS,DELETEhttp methods to assess if any environment variables may have been exposed.
Additional recommendations
Users on platforms with long-lived deployments (e.g. Vercel, Cloudflare Workers) should be aware that prior deployments remain reachable at their immutable URLs and may continue to expose the vulnerability even after a new deployment is promoted. For example, Vercel offers security features such as "Deployment Protection" and the ability to delete older deployments which can help immediately mitigate impact.
For additional security, users can also adjust firewall or proxy rules to only allow requests to their serve endpoint from Inngest IP addresses available here: http://inngest.com/ips-v4, http://inngest.com/ips-v6
Workarounds
If upgrading is not immediately possible, restrict the serve() endpoint at the framework or reverse-proxy layer to accept only GET, POST, and PUT. The Inngest serve() endpoint does not require any other HTTP methods.
Resources
- Rotating Inngest keys: https://www.inngest.com/docs/platform/manage/rotating-keys
- Inngest signing keys: https://www.inngest.com/docs/platform/signing-keys
- Inngest event keys: https://www.inngest.com/docs/events/creating-an-event-key
- Inngest security best practices: https://www.inngest.com/docs/learn/security
Credits
- Ben Hylak - an independent security researcher, discovered and responsibly disclosed the vulnerability.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "inngest"
},
"ranges": [
{
"events": [
{
"introduced": "3.22.0"
},
{
"fixed": "3.54.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-42047"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-497"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-05T18:13:52Z",
"nvd_published_at": "2026-05-07T21:16:29Z",
"severity": "HIGH"
},
"details": "# Summary\n\nA vulnerability in the Inngest TypeScript SDK versions `3.22.0` through `3.53.1` allows unauthenticated remote attackers to exfiltrate environment variables from the host process via the `serve()` HTTP handler.\n\nThe `serve()` handler implements `GET`, `POST`, and `PUT` methods. Requests using `PATCH`, `OPTIONS`, or `DELETE` fall through to a generic handler that returns diagnostic information. A change introduced in `v3.22.0` caused this diagnostic response to include the contents of `process.env`, exposing any secrets, API keys, or credentials present in the environment.\n\n# Who is affected\n\nAn application is vulnerable if **all** of the following are true:\n\n- It uses `inngest` SDK version `\u003e= 3.22.0, \u003c= 3.53.1` (inclusive)\n- Its `serve()` endpoint is reachable via `PATCH`, `OPTIONS`, or `DELETE` requests.\n\nPlease check your framework\u0027s implementation for the serve handler ([documentation](https://www.inngest.com/docs/learn/serving-inngest-functions)) to asses whether it handles these HTTP methods. Common vulnerable configurations include:\n\n- Next.js Pages Router, which forwards all HTTP methods to the handler.\n- Express via `app.use(\u0027/api/inngest\u0027, serve(...))`, which routes `PATCH` and `OPTIONS` to the handler by default.\n\nThe following are **not** affected:\n\n- Next.js App Router handlers that explicitly export only `GET`, `POST`, and `PUT`.\n- Applications using the `connect` worker method.\n- SDK versions `\u003c 3.22.0` and `\u003e= 3.54.0`, including all `4.x` releases.\n\nThe vulnerability was responsibly disclosed by an Inngest user. At this time, there are no known reports of exploitation.\n\n# Remediation\n\n1. Upgrade to `inngest@3.54.0` or later. The fix is backwards compatible with the `3.x` release line. The `4.x` line is also unaffected.\n2. Rotate any secrets that were presence in environment variables (`process.env`) within affected environments including Inngest signing keys and event keys\n3. Search logs for any requests to your `serve` endpoints using the `PATCH`, `OPTIONS`, `DELETE` http methods to assess if any environment variables may have been exposed.\n\n## Additional recommendations\n\nUsers on platforms with long-lived deployments (e.g. Vercel, Cloudflare Workers) should be aware that prior deployments remain reachable at their immutable URLs and may continue to expose the vulnerability even after a new deployment is promoted. For example, Vercel offers security features such as \"[Deployment Protection](https://vercel.com/docs/deployment-protection#standard-protection)\" and [the ability to delete older deployments](https://vercel.com/kb/guide/how-do-i-delete-an-individual-deployment) which can help immediately mitigate impact.\n\nFor additional security, users can also adjust firewall or proxy rules to only allow requests to their `serve` endpoint from Inngest IP addresses available here: http://inngest.com/ips-v4, http://inngest.com/ips-v6\n\n### Workarounds\n\nIf upgrading is not immediately possible, restrict the `serve()` endpoint at the framework or reverse-proxy layer to accept only `GET`, `POST`, and `PUT`. The Inngest `serve()` endpoint does not require any other HTTP methods.\n\n### Resources\n\n- Rotating Inngest keys: https://www.inngest.com/docs/platform/manage/rotating-keys\n- Inngest signing keys: https://www.inngest.com/docs/platform/signing-keys\n- Inngest event keys: https://www.inngest.com/docs/events/creating-an-event-key\n- Inngest security best practices: https://www.inngest.com/docs/learn/security\n\n### Credits\n\n- Ben Hylak - an independent security researcher, discovered and responsibly disclosed the vulnerability.",
"id": "GHSA-2jf5-6wwv-vhxx",
"modified": "2026-05-11T13:29:55Z",
"published": "2026-05-05T18:13:52Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/inngest/inngest-js/security/advisories/GHSA-2jf5-6wwv-vhxx"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42047"
},
{
"type": "PACKAGE",
"url": "https://github.com/inngest/inngest-js"
},
{
"type": "WEB",
"url": "https://github.com/inngest/inngest-js/releases/tag/inngest%403.54.1"
},
{
"type": "WEB",
"url": "https://vercel.com/docs/deployment-protection#standard-protection"
},
{
"type": "WEB",
"url": "https://vercel.com/kb/guide/how-do-i-delete-an-individual-deployment"
},
{
"type": "WEB",
"url": "https://www.inngest.com/docs/events/creating-an-event-key"
},
{
"type": "WEB",
"url": "https://www.inngest.com/docs/learn/security"
},
{
"type": "WEB",
"url": "https://www.inngest.com/docs/learn/serving-inngest-functions"
},
{
"type": "WEB",
"url": "https://www.inngest.com/docs/platform/manage/rotating-keys"
},
{
"type": "WEB",
"url": "https://www.inngest.com/docs/platform/signing-keys"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Inngest TypeScript SDK exposes environment variables via serve() handler on unhandled HTTP methods"
}
GHSA-2MR3-PJ2M-Q569
Vulnerability from github – Published: 2025-11-04 00:32 – Updated: 2025-11-06 18:32Nagios XI versions prior to 2024R1.1.3, under certain circumstances, disclose sensitive user account information (including API keys and hashed passwords) to authenticated users who should not have access to that data. Exposure of API keys or password hashes could lead to account compromise, abuse of API privileges, or offline cracking attempts. CVE-2024-13995 addresses a similar vulnerability with a potentially incomplete fix for the underlying problem in earlier versions.
{
"affected": [],
"aliases": [
"CVE-2024-13998"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-03T22:16:40Z",
"severity": "MODERATE"
},
"details": "Nagios XI versions prior to\u00a02024R1.1.3, under certain circumstances, disclose sensitive user account information (including API keys and hashed passwords) to authenticated users who should not have access to that data. Exposure of API keys or password hashes could lead to account compromise, abuse of API privileges, or offline cracking attempts.\u00a0CVE-2024-13995 addresses a similar vulnerability with a potentially incomplete fix for the underlying problem in earlier versions.",
"id": "GHSA-2mr3-pj2m-q569",
"modified": "2025-11-06T18:32:49Z",
"published": "2025-11-04T00:32:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-13998"
},
{
"type": "WEB",
"url": "https://www.nagios.com/changelog/nagios-xi"
},
{
"type": "WEB",
"url": "https://www.nagios.com/products/security/#nagios-xi"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/nagios-xi-api-keys-and-hashed-password-authenticated-information-disclosure-2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-2PWW-22WF-FGM9
Vulnerability from github – Published: 2025-12-18 09:30 – Updated: 2026-01-20 15:32Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in GetResponse Email marketing for WordPress by GetResponse Official getresponse-official allows Retrieve Embedded Sensitive Data.This issue affects Email marketing for WordPress by GetResponse Official: from n/a through <= 1.5.3.
{
"affected": [],
"aliases": [
"CVE-2025-64272"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-18T08:16:13Z",
"severity": "MODERATE"
},
"details": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in GetResponse Email marketing for WordPress by GetResponse Official getresponse-official allows Retrieve Embedded Sensitive Data.This issue affects Email marketing for WordPress by GetResponse Official: from n/a through \u003c= 1.5.3.",
"id": "GHSA-2pww-22wf-fgm9",
"modified": "2026-01-20T15:32:31Z",
"published": "2025-12-18T09:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64272"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Plugin/getresponse-official/vulnerability/wordpress-email-marketing-for-wordpress-by-getresponse-official-plugin-1-5-3-sensitive-data-exposure-vulnerability?_s_id=cve"
},
{
"type": "WEB",
"url": "https://vdp.patchstack.com/database/Wordpress/Plugin/getresponse-official/vulnerability/wordpress-email-marketing-for-wordpress-by-getresponse-official-plugin-1-5-3-sensitive-data-exposure-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2R7H-JV72-F7XP
Vulnerability from github – Published: 2025-05-19 18:30 – Updated: 2026-04-28 21:35Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Solid Plugins AnalyticsWP allows Retrieve Embedded Sensitive Data.This issue affects AnalyticsWP: from n/a through 2.1.2.
{
"affected": [],
"aliases": [
"CVE-2025-39394"
],
"database_specific": {
"cwe_ids": [
"CWE-497"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-19T17:15:27Z",
"severity": "MODERATE"
},
"details": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Solid Plugins AnalyticsWP allows Retrieve Embedded Sensitive Data.This issue affects AnalyticsWP: from n/a through 2.1.2.",
"id": "GHSA-2r7h-jv72-f7xp",
"modified": "2026-04-28T21:35:37Z",
"published": "2025-05-19T18:30:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39394"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/analyticswp/vulnerability/wordpress-analyticswp-plugin-2-1-2-sensitive-data-exposure-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
Production applications should never use methods that generate internal details such as stack traces and error messages unless that information is directly committed to a log that is not viewable by the end user. All error message text should be HTML entity encoded before being written to the log file to protect against potential cross-site scripting attacks against the viewer of the logs
CAPEC-170: Web Application Fingerprinting
An attacker sends a series of probes to a web application in order to elicit version-dependent and type-dependent behavior that assists in identifying the target. An attacker could learn information such as software versions, error pages, and response headers, variations in implementations of the HTTP protocol, directory structures, and other similar information about the targeted service. This information can then be used by an attacker to formulate a targeted attack plan. While web application fingerprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
CAPEC-694: System Location Discovery
An adversary collects information about the target system in an attempt to identify the system's geographical location.
Information gathered could include keyboard layout, system language, and timezone. This information may benefit an adversary in confirming the desired target and/or tailoring further attacks.