Common Weakness Enumeration

CWE-497

Allowed

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Abstraction: Base · Status: Incomplete

The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.

669 vulnerabilities reference this CWE, most recent first.

CVE-2026-9307 (GCVE-0-2026-9307)

Vulnerability from cvelistv5 – Published: 2026-06-16 13:42 – Updated: 2026-06-16 17:49
VLAI
Title
Rockwell Automation CompactLogix 5370 Controllers – Multiple Vulnerabilities
Summary
A sensitive information disclosure security issue exists within the affected CompactLogix controllers. The controller's web server exposes CIP Connection IDs on the diagnostics webpage, which are accessible to any unauthenticated user on the network. This information can be leveraged by an attacker to construct malicious packets, leading to Denial-of-Service.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-497 - Exposure of sensitive system information to an unauthorized control sphere
Assigner
Impacted products
Credits
This security issue was found by external researcher Tyler Lentz of Idaho National Laboratory.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-9307",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-16T15:22:44.125561Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-16T15:22:53.470Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "CompactLogix 5370",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "V36",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "This security issue was found by external researcher Tyler Lentz of Idaho National Laboratory."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A sensitive information disclosure security issue exists within the affected CompactLogix controllers. The\u0026nbsp;controller\u0027s\u0026nbsp;web server exposes CIP Connection IDs on the diagnostics webpage, which are accessible to any unauthenticated user on the network. This information can be\u0026nbsp;leveraged\u0026nbsp;by an attacker to construct malicious packets, leading to Denial-of-Service."
            }
          ],
          "value": "A sensitive information disclosure security issue exists within the affected CompactLogix controllers. The\u00a0controller\u0027s\u00a0web server exposes CIP Connection IDs on the diagnostics webpage, which are accessible to any unauthenticated user on the network. This information can be\u00a0leveraged\u00a0by an attacker to construct malicious packets, leading to Denial-of-Service."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-497",
              "description": "CWE-497 Exposure of sensitive system information to an unauthorized control sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-16T17:49:40.834Z",
        "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "shortName": "Rockwell"
      },
      "references": [
        {
          "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1776.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ca href=\"https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx?crumb=112\u0026amp;mode=3\u0026amp;refSoft=1\u0026amp;versions=55023,55024,55025,55026,55027,55061\" target=\"_blank\" rel=\"noreferrer noopener\"\u003eV38.011\u003c/a\u003e\u0026nbsp;"
            }
          ],
          "value": "V38.011 https://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx"
        }
      ],
      "source": {
        "advisory": "SD1776",
        "discovery": "EXTERNAL"
      },
      "title": "Rockwell Automation CompactLogix 5370 Controllers \u2013 Multiple Vulnerabilities",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
    "assignerShortName": "Rockwell",
    "cveId": "CVE-2026-9307",
    "datePublished": "2026-06-16T13:42:08.999Z",
    "dateReserved": "2026-05-22T18:09:17.609Z",
    "dateUpdated": "2026-06-16T17:49:40.834Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-7864 (GCVE-0-2026-7864)

Vulnerability from cvelistv5 – Published: 2026-05-08 13:12 – Updated: 2026-05-18 16:09
VLAI
Title
Exposure of Sensitive Information to an Unauthorized Actor
Summary
SEPPmail Secure Email Gateway before version 15.0.4 exposes server environment variables through an unauthenticated endpoint in the new GINA UI, allowing remote attackers to obtain sensitive system information.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-497 - Exposure of sensitive system information to an unauthorized control sphere
Assigner
Impacted products
Vendor Product Version
SEPPmail AG Secure Email Gateway Affected: 0 , < 15.0.4 (custom)
Create a notification for this product.
Credits
Dario Weiss of InfoGuard Labs
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-7864",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-08T14:26:37.375051Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-08T21:28:00.437Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Secure Email Gateway",
          "vendor": "SEPPmail AG",
          "versions": [
            {
              "lessThan": "15.0.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Dario Weiss of InfoGuard Labs"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "SEPPmail Secure Email Gateway before version 15.0.4 exposes server environment variables through an unauthenticated endpoint in the new GINA UI, allowing remote attackers to obtain sensitive system information."
            }
          ],
          "value": "SEPPmail Secure Email Gateway before version 15.0.4 exposes server environment variables through an unauthenticated endpoint in the new GINA UI, allowing remote attackers to obtain sensitive system information."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-37",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-497",
              "description": "CWE-497 Exposure of sensitive system information to an unauthorized control sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-18T16:09:19.591Z",
        "orgId": "455daabc-a392-441d-aa46-37d35189897c",
        "shortName": "NCSC.ch"
      },
      "references": [
        {
          "url": "https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#security"
        },
        {
          "url": "https://labs.infoguard.ch/posts/seppmail_secure_e-mail_gateway_rce_vulnerabilities_cve-2026-2743_cve-2026-7864_cve-2026-44127_cve-2026-44128/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Exposure of Sensitive Information to an Unauthorized Actor",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
    "assignerShortName": "NCSC.ch",
    "cveId": "CVE-2026-7864",
    "datePublished": "2026-05-08T13:12:17.617Z",
    "dateReserved": "2026-05-05T12:56:45.255Z",
    "dateUpdated": "2026-05-18T16:09:19.591Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-3075 (GCVE-0-2026-3075)

Vulnerability from cvelistv5 – Published: 2026-02-23 20:48 – Updated: 2026-04-28 16:15
VLAI
Title
WordPress Simple Ajax Chat plugin <= 20251121 - Sensitive Data Exposure vulnerability
Summary
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Jeff Starr Simple Ajax Chat simple-ajax-chat allows Retrieve Embedded Sensitive Data.This issue affects Simple Ajax Chat: from n/a through <= 20251121.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Assigner
References
Impacted products
Vendor Product Version
Jeff Starr Simple Ajax Chat Affected: 0 , ≤ 20251121 (custom)
Create a notification for this product.
Date Public
2026-04-28 13:51
Credits
Jakub Herman | Patchstack Bug Bounty Program
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-3075",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-27T17:55:32.305944Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-28T12:42:58.029Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://wordpress.org/plugins",
          "defaultStatus": "unaffected",
          "packageName": "simple-ajax-chat",
          "product": "Simple Ajax Chat",
          "vendor": "Jeff Starr",
          "versions": [
            {
              "changes": [
                {
                  "at": "20260217",
                  "status": "unaffected"
                }
              ],
              "lessThanOrEqual": "20251121",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Jakub Herman | Patchstack Bug Bounty Program"
        }
      ],
      "datePublic": "2026-04-28T13:51:47.425Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Jeff Starr Simple Ajax Chat simple-ajax-chat allows Retrieve Embedded Sensitive Data.\u003cp\u003eThis issue affects Simple Ajax Chat: from n/a through \u003c= 20251121.\u003c/p\u003e"
            }
          ],
          "value": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Jeff Starr Simple Ajax Chat simple-ajax-chat allows Retrieve Embedded Sensitive Data.This issue affects Simple Ajax Chat: from n/a through \u003c= 20251121."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-37",
          "descriptions": [
            {
              "lang": "en",
              "value": "Retrieve Embedded Sensitive Data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-497",
              "description": "Exposure of Sensitive System Information to an Unauthorized Control Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-28T16:15:09.450Z",
        "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "shortName": "Patchstack"
      },
      "references": [
        {
          "tags": [
            "vdb-entry"
          ],
          "url": "https://patchstack.com/database/Wordpress/Plugin/simple-ajax-chat/vulnerability/wordpress-simple-ajax-chat-plugin-20251121-sensitive-data-exposure-vulnerability?_s_id=cve"
        }
      ],
      "title": "WordPress Simple Ajax Chat plugin \u003c= 20251121 - Sensitive Data Exposure vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
    "assignerShortName": "Patchstack",
    "cveId": "CVE-2026-3075",
    "datePublished": "2026-02-23T20:48:13.276Z",
    "dateReserved": "2026-02-23T20:46:14.458Z",
    "dateUpdated": "2026-04-28T16:15:09.450Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-0853 (GCVE-0-2026-0853)

Vulnerability from cvelistv5 – Published: 2026-01-12 03:26 – Updated: 2026-01-12 15:54
VLAI
Title
A-Plus Video Technologies|NVR - Sensitive Data Exposure
Summary
Certain NVR models developed by A-Plus Video Technologies has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access the debug page and obtain device status information.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Assigner
References
Date Public
2026-01-12 03:16
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0853",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-12T15:54:24.725911Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-12T15:54:38.969Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "AP-RM864P",
          "vendor": "A-Plus Video Technologies",
          "versions": [
            {
              "lessThanOrEqual": "2.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "AP-RM864",
          "vendor": "A-Plus Video Technologies",
          "versions": [
            {
              "lessThanOrEqual": "2.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "AP-RM832P",
          "vendor": "A-Plus Video Technologies",
          "versions": [
            {
              "lessThanOrEqual": "2.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "AP-RM832",
          "vendor": "A-Plus Video Technologies",
          "versions": [
            {
              "lessThanOrEqual": "2.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "AP-RM816",
          "vendor": "A-Plus Video Technologies",
          "versions": [
            {
              "lessThanOrEqual": "2.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "AP-BS416",
          "vendor": "A-Plus Video Technologies",
          "versions": [
            {
              "lessThanOrEqual": "2.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "AP-BS408",
          "vendor": "A-Plus Video Technologies",
          "versions": [
            {
              "lessThanOrEqual": "2.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "AP-BS404",
          "vendor": "A-Plus Video Technologies",
          "versions": [
            {
              "lessThanOrEqual": "2.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2026-01-12T03:16:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Certain NVR models developed by A-Plus Video Technologies has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access the debug page and obtain device status information."
            }
          ],
          "value": "Certain NVR models developed by A-Plus Video Technologies has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access the debug page and obtain device status information."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-497",
              "description": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-12T03:26:47.546Z",
        "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "shortName": "twcert"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.twcert.org.tw/tw/cp-132-10620-527f1-1.html"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.twcert.org.tw/en/cp-139-10621-55584-2.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Update firmware to version 2.2.0 or later."
            }
          ],
          "value": "Update firmware to version 2.2.0 or later."
        }
      ],
      "source": {
        "advisory": "TVN-202601002",
        "discovery": "EXTERNAL"
      },
      "title": "A-Plus Video Technologies\uff5cNVR - Sensitive Data Exposure",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
    "assignerShortName": "twcert",
    "cveId": "CVE-2026-0853",
    "datePublished": "2026-01-12T03:26:47.546Z",
    "dateReserved": "2026-01-12T03:07:23.341Z",
    "dateUpdated": "2026-01-12T15:54:38.969Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-0494 (GCVE-0-2026-0494)

Vulnerability from cvelistv5 – Published: 2026-01-13 01:13 – Updated: 2026-01-13 16:19
VLAI
Title
Information Disclosure vulnerability in SAP Fiori App (Intercompany Balance Reconciliation)
Summary
Under certain conditions SAP Fiori App Intercompany Balance Reconciliation application allows an attacker to access information which would otherwise be restricted. This has low impact on confidentiality of the application, integrity and availability are not impacted.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Assigner
sap
Impacted products
Vendor Product Version
SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) Affected: UIAPFI70 500
Affected: 600
Affected: 700
Affected: 800
Affected: 900
Affected: 901
Affected: 902
Affected: UIS4H 109
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0494",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-13T16:19:26.654230Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-13T16:19:32.833Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "SAP Fiori App (Intercompany Balance Reconciliation)",
          "vendor": "SAP_SE",
          "versions": [
            {
              "status": "affected",
              "version": "UIAPFI70 500"
            },
            {
              "status": "affected",
              "version": "600"
            },
            {
              "status": "affected",
              "version": "700"
            },
            {
              "status": "affected",
              "version": "800"
            },
            {
              "status": "affected",
              "version": "900"
            },
            {
              "status": "affected",
              "version": "901"
            },
            {
              "status": "affected",
              "version": "902"
            },
            {
              "status": "affected",
              "version": "UIS4H 109"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUnder certain conditions SAP Fiori App Intercompany Balance Reconciliation application allows an attacker to access information which would otherwise be restricted. This has low impact on confidentiality of the application, integrity and availability are not impacted.\u003c/p\u003e"
            }
          ],
          "value": "Under certain conditions SAP Fiori App Intercompany Balance Reconciliation application allows an attacker to access information which would otherwise be restricted. This has low impact on confidentiality of the application, integrity and availability are not impacted."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-497",
              "description": "CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere",
              "lang": "eng",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-13T01:13:14.370Z",
        "orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
        "shortName": "sap"
      },
      "references": [
        {
          "url": "https://me.sap.com/notes/3655227"
        },
        {
          "url": "https://url.sap/sapsecuritypatchday"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Information Disclosure vulnerability in SAP Fiori App (Intercompany Balance Reconciliation)",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
    "assignerShortName": "sap",
    "cveId": "CVE-2026-0494",
    "datePublished": "2026-01-13T01:13:14.370Z",
    "dateReserved": "2025-12-09T22:06:36.684Z",
    "dateUpdated": "2026-01-13T16:19:32.833Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-0466 (GCVE-0-2026-0466)

Vulnerability from cvelistv5 – Published: 2026-06-09 17:33 – Updated: 2026-06-09 18:57
VLAI
Summary
Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Assigner
AMD
Impacted products
Vendor Product Version
AMD AMD µProf Unaffected: 5.3
Create a notification for this product.
Date Public
2026-06-09 17:33
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0466",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-09T18:57:21.372440Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-09T18:57:37.132Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD \u00b5Prof",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "5.3"
            }
          ]
        }
      ],
      "datePublic": "2026-06-09T17:33:35.113Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service.\u003cbr\u003e"
            }
          ],
          "value": "Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-497",
              "description": "CWE-497  Exposure of Sensitive System Information to an Unauthorized Control Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-09T17:33:58.582Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-9025.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2026-0466",
    "datePublished": "2026-06-09T17:33:58.582Z",
    "dateReserved": "2025-12-06T15:11:22.297Z",
    "dateUpdated": "2026-06-09T18:57:37.132Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-0240 (GCVE-0-2026-0240)

Vulnerability from cvelistv5 – Published: 2026-05-13 18:54 – Updated: 2026-05-15 09:56
VLAI
Title
Trust Protection Foundation: Sensitive Information Disclosure Vulnerability
Summary
An information disclosure vulnerability in Trust Protection Foundation enables an authenticated attacker to obtain sensitive information from the server's vault. Successful exploitation of this issue allows the attacker to impersonate any user within the environment and arbitrarily modify configuration settings.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Assigner
References
Impacted products
Vendor Product Version
Palo Alto Networks Trust Protection Foundation Affected: 25.3.0 , < 25.3.3 (custom)
Affected: 25.1.0 , < 25.1.8 (custom)
Affected: 24.3.0 , < 24.3.6 (custom)
Affected: 24.1.0 , < 24.1.13 (custom)
Create a notification for this product.
Date Public
2026-05-13 16:00
Credits
Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0240",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T03:56:11.417596Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-15T09:56:36.574Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Trust Protection Foundation",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "25.3.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "25.3.3",
              "status": "affected",
              "version": "25.3.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "25.1.8",
                  "status": "unaffected"
                }
              ],
              "lessThan": "25.1.8",
              "status": "affected",
              "version": "25.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "24.3.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "24.3.6",
              "status": "affected",
              "version": "24.3.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "24.1.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "24.1.13",
              "status": "affected",
              "version": "24.1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eNo specific configuration is required for exposure to this vulnerability.\u003c/p\u003e"
            }
          ],
          "value": "No specific configuration is required for exposure to this vulnerability."
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:trust_protection_foundation:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "25.3.3",
                  "versionStartIncluding": "25.3.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:trust_protection_foundation:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "25.1.8",
                  "versionStartIncluding": "25.1.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:trust_protection_foundation:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "24.3.6",
                  "versionStartIncluding": "24.3.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:trust_protection_foundation:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "24.1.13",
                  "versionStartIncluding": "24.1.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "other",
          "value": "Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue."
        }
      ],
      "datePublic": "2026-05-13T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAn information disclosure vulnerability in Trust Protection Foundation enables an authenticated attacker to obtain sensitive information from the server\u0027s vault. Successful exploitation of this issue allows the attacker to impersonate any user within the environment and arbitrarily modify configuration settings.\u003c/p\u003e"
            }
          ],
          "value": "An information disclosure vulnerability in Trust Protection Foundation enables an authenticated attacker to obtain sensitive information from the server\u0027s vault. Successful exploitation of this issue allows the attacker to impersonate any user within the environment and arbitrarily modify configuration settings."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of this issue.\u003c/p\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-37",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "ADJACENT",
            "baseScore": 4.5,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "LOW",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-497",
              "description": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-13T18:54:07.294Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2026-0240"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ctable class=\"tbl\"\u003e\u003ctr\u003e\u003ctd\u003eVersion\u003c/td\u003e\u003ctd\u003eMinor Version\u003c/td\u003e\u003ctd\u003eSuggested Solution\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eTrust Protection Foundation 25.3\u003c/td\u003e\u003ctd\u003e25.3.0 through 25.3.2\u003c/td\u003e\u003ctd\u003eUpgrade to 25.3.3 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eTrust Protection Foundation 25.1\u003c/td\u003e\u003ctd\u003e25.1.0 through 25.1.7\u003c/td\u003e\u003ctd\u003eUpgrade to 25.1.8 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eTrust Protection Foundation 24.3\u003c/td\u003e\u003ctd\u003e24.3.0 through 24.3.5\u003c/td\u003e\u003ctd\u003eUpgrade to 24.3.6 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eTrust Protection Foundation 24.1\u003c/td\u003e\u003ctd\u003e24.1.0 through 24.1.12\u003c/td\u003e\u003ctd\u003eUpgrade to 24.1.13 or later.\u003c/td\u003e\u003c/tr\u003e\u003c/table\u003e"
            }
          ],
          "value": "Version  Minor Version  Suggested Solution\nTrust Protection Foundation 25.3  25.3.0 through 25.3.2  Upgrade to 25.3.3 or later.\nTrust Protection Foundation 25.1  25.1.0 through 25.1.7  Upgrade to 25.1.8 or later.\nTrust Protection Foundation 24.3  24.3.0 through 24.3.5  Upgrade to 24.3.6 or later.\nTrust Protection Foundation 24.1  24.1.0 through 24.1.12  Upgrade to 24.1.13 or later."
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-05-13T16:00:00.000Z",
          "value": "Initial publication."
        }
      ],
      "title": "Trust Protection Foundation: Sensitive Information Disclosure Vulnerability",
      "workarounds": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eNo known workarounds exist for this issue.\u003c/p\u003e"
            }
          ],
          "value": "No known workarounds exist for this issue."
        }
      ],
      "x_affectedList": [
        "Trust Protection Foundation 25.3.0",
        "Trust Protection Foundation 25.3.1",
        "Trust Protection Foundation 25.3.2",
        "Trust Protection Foundation 25.1.0",
        "Trust Protection Foundation 25.1.1",
        "Trust Protection Foundation 25.1.2",
        "Trust Protection Foundation 25.1.3",
        "Trust Protection Foundation 25.1.4",
        "Trust Protection Foundation 25.1.5",
        "Trust Protection Foundation 25.1.6",
        "Trust Protection Foundation 25.1.7",
        "Trust Protection Foundation 24.3.0",
        "Trust Protection Foundation 24.3.1",
        "Trust Protection Foundation 24.3.2",
        "Trust Protection Foundation 24.3.3",
        "Trust Protection Foundation 24.3.4",
        "Trust Protection Foundation 24.3.5",
        "Trust Protection Foundation 24.1.0",
        "Trust Protection Foundation 24.1.1",
        "Trust Protection Foundation 24.1.2",
        "Trust Protection Foundation 24.1.3",
        "Trust Protection Foundation 24.1.4",
        "Trust Protection Foundation 24.1.5",
        "Trust Protection Foundation 24.1.6",
        "Trust Protection Foundation 24.1.7",
        "Trust Protection Foundation 24.1.8",
        "Trust Protection Foundation 24.1.9",
        "Trust Protection Foundation 24.1.10",
        "Trust Protection Foundation 24.1.11",
        "Trust Protection Foundation 24.1.12"
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2026-0240",
    "datePublished": "2026-05-13T18:54:07.294Z",
    "dateReserved": "2025-11-03T20:44:01.023Z",
    "dateUpdated": "2026-05-15T09:56:36.574Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-0239 (GCVE-0-2026-0239)

Vulnerability from cvelistv5 – Published: 2026-05-13 18:27 – Updated: 2026-05-13 18:42
VLAI
Title
Chronosphere Chronocollector Information Disclosure Vulnerability
Summary
An information disclosure vulnerability in the Chronosphere Chronocollector enables an unauthenticated attacker with network access to the collector service to retrieve sensitive information.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Assigner
References
Impacted products
Vendor Product Version
Palo Alto Networks Chronosphere Chronocollector Affected: 0.0.0 , < v0.116.0 (custom)
Create a notification for this product.
Date Public
2026-05-13 16:00
Credits
Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0239",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-13T18:41:27.690781Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-13T18:42:18.103Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Chronosphere Chronocollector",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "v0.116.0",
                  "status": "unaffected"
                }
              ],
              "lessThan": "v0.116.0",
              "status": "affected",
              "version": "0.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eNo special configuration is required to be affected by this issue.\u003c/p\u003e"
            }
          ],
          "value": "No special configuration is required to be affected by this issue."
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:chronosphere_chronocollector:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "v0.116.0",
                  "versionStartIncluding": "0.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "other",
          "value": "Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue."
        }
      ],
      "datePublic": "2026-05-13T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAn information disclosure vulnerability in the Chronosphere Chronocollector enables an unauthenticated attacker with network access to the collector service to retrieve sensitive information.\u003c/p\u003e"
            }
          ],
          "value": "An information disclosure vulnerability in the Chronosphere Chronocollector enables an unauthenticated attacker with network access to the collector service to retrieve sensitive information."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of this issue.\u003c/p\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-37",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "NONE",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-497",
              "description": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-13T18:27:10.295Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2026-0239"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eChronosphere Chronocollector\u003c/td\u003e\u003ctd\u003eUpgrade to v0.116.0 or later.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
            }
          ],
          "value": "Version                        Suggested Solution\nChronosphere Chronocollector   Upgrade to v0.116.0 or later."
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-05-13T16:00:00.000Z",
          "value": "Initial publication."
        }
      ],
      "title": "Chronosphere Chronocollector Information Disclosure Vulnerability",
      "workarounds": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eNo known workarounds exist for this issue.\u003c/p\u003e"
            }
          ],
          "value": "No known workarounds exist for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2026-0239",
    "datePublished": "2026-05-13T18:27:10.295Z",
    "dateReserved": "2025-11-03T20:43:59.870Z",
    "dateUpdated": "2026-05-13T18:42:18.103Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-0231 (GCVE-0-2026-0231)

Vulnerability from cvelistv5 – Published: 2026-03-11 18:03 – Updated: 2026-03-11 20:21
VLAI
Title
Cortex XDR Broker VM: Sensitive Information Disclosure Vulnerability
Summary
An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI and modifying any configuration setting.  The attacker must have network access to the Broker VM to exploit this issue.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Assigner
References
Impacted products
Vendor Product Version
Palo Alto Networks Cortex XDR Broker VM Affected: 30.0.0 , < 30.0.49 (custom)
Create a notification for this product.
Date Public
2026-03-11 16:00
Credits
an internal reporter, Nicola Kalak,
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0231",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-11T20:21:23.660381Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-11T20:21:35.933Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Cortex XDR Broker VM",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "30.0.49",
                  "status": "unaffected"
                }
              ],
              "lessThan": "30.0.49",
              "status": "affected",
              "version": "30.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "No special configuration is required to be affected by this issue."
            }
          ],
          "value": "No special configuration is required to be affected by this issue."
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:palo_alto_networks:cortex_xdr_broker_vm:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "30.0.49",
                  "versionStartIncluding": "30.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "an internal reporter, Nicola Kalak,"
        }
      ],
      "datePublic": "2026-03-11T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An information disclosure vulnerability in\u0026nbsp;Palo Alto Networks Cortex XDR\u00ae Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI \u003cspan\u003eand modifying any configuration setting\u003c/span\u003e.\u0026nbsp;\u003cbr\u003e\u003cp\u003eThe attacker must have network access to the Broker VM to exploit this issue.\u003c/p\u003e"
            }
          ],
          "value": "An information disclosure vulnerability in\u00a0Palo Alto Networks Cortex XDR\u00ae Broker VM allows an authenticated user to obtain and modify sensitive information by triggering live terminal session via Cortex UI and modifying any configuration setting.\u00a0\nThe attacker must have network access to the Broker VM to exploit this issue."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-37",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "HIGH",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-497",
              "description": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-11T18:03:21.302Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2026-0231"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\u003cspan\u003eThis issue is fixed in Cortex XDR Broker VM  30.0.49, and all later Cortex XDR Broker VM versions.\u003c/span\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e\u003cspan\u003eIf automatic upgrades are enabled for Broker VM, then no action is required at this time.\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e\u003cspan\u003eIf automatic upgrades are not enabled for Broker VM, then we recommend that you do so to ensure that you always have the latest security patches installed in your software.\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e"
            }
          ],
          "value": "This issue is fixed in Cortex XDR Broker VM 30.0.49, and all later Cortex XDR Broker VM versions.\n\n * If automatic upgrades are enabled for Broker VM, then no action is required at this time.\n\n * If automatic upgrades are not enabled for Broker VM, then we recommend that you do so to ensure that you always have the latest security patches installed in your software."
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-03-11T16:00:00.000Z",
          "value": "Initial Publication"
        }
      ],
      "title": "Cortex XDR Broker VM: Sensitive Information Disclosure Vulnerability",
      "workarounds": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "No known workarounds exist for this issue."
            }
          ],
          "value": "No known workarounds exist for this issue."
        }
      ],
      "x_affectedList": [
        "Cortex XDR Broker VM 30.0.0",
        "Cortex XDR Broker VM 30.0.1",
        "Cortex XDR Broker VM 30.0.2",
        "Cortex XDR Broker VM 30.0.3",
        "Cortex XDR Broker VM 30.0.4",
        "Cortex XDR Broker VM 30.0.5",
        "Cortex XDR Broker VM 30.0.6",
        "Cortex XDR Broker VM 30.0.7",
        "Cortex XDR Broker VM 30.0.8",
        "Cortex XDR Broker VM 30.0.9",
        "Cortex XDR Broker VM 30.0.10",
        "Cortex XDR Broker VM 30.0.11",
        "Cortex XDR Broker VM 30.0.12",
        "Cortex XDR Broker VM 30.0.13",
        "Cortex XDR Broker VM 30.0.14",
        "Cortex XDR Broker VM 30.0.15",
        "Cortex XDR Broker VM 30.0.16",
        "Cortex XDR Broker VM 30.0.17",
        "Cortex XDR Broker VM 30.0.18",
        "Cortex XDR Broker VM 30.0.19",
        "Cortex XDR Broker VM 30.0.20",
        "Cortex XDR Broker VM 30.0.21",
        "Cortex XDR Broker VM 30.0.22",
        "Cortex XDR Broker VM 30.0.23",
        "Cortex XDR Broker VM 30.0.24",
        "Cortex XDR Broker VM 30.0.25",
        "Cortex XDR Broker VM 30.0.26",
        "Cortex XDR Broker VM 30.0.27",
        "Cortex XDR Broker VM 30.0.28",
        "Cortex XDR Broker VM 30.0.29",
        "Cortex XDR Broker VM 30.0.30",
        "Cortex XDR Broker VM 30.0.31",
        "Cortex XDR Broker VM 30.0.32",
        "Cortex XDR Broker VM 30.0.33",
        "Cortex XDR Broker VM 30.0.34",
        "Cortex XDR Broker VM 30.0.35",
        "Cortex XDR Broker VM 30.0.36",
        "Cortex XDR Broker VM 30.0.37",
        "Cortex XDR Broker VM 30.0.38",
        "Cortex XDR Broker VM 30.0.39",
        "Cortex XDR Broker VM 30.0.40",
        "Cortex XDR Broker VM 30.0.41",
        "Cortex XDR Broker VM 30.0.42",
        "Cortex XDR Broker VM 30.0.43",
        "Cortex XDR Broker VM 30.0.44",
        "Cortex XDR Broker VM 30.0.45",
        "Cortex XDR Broker VM 30.0.46",
        "Cortex XDR Broker VM 30.0.47",
        "Cortex XDR Broker VM 30.0.48"
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2026-0231",
    "datePublished": "2026-03-11T18:03:21.302Z",
    "dateReserved": "2025-11-03T20:43:52.020Z",
    "dateUpdated": "2026-03-11T20:21:35.933Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-69026 (GCVE-0-2025-69026)

Vulnerability from cvelistv5 – Published: 2025-12-30 10:47 – Updated: 2026-04-28 16:14
VLAI
Title
WordPress PopupKit plugin <= 2.1.5 - Sensitive Data Exposure vulnerability
Summary
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Roxnor PopupKit popup-builder-block allows Retrieve Embedded Sensitive Data.This issue affects PopupKit: from n/a through <= 2.1.5.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Assigner
References
Impacted products
Vendor Product Version
Roxnor PopupKit Affected: 0 , ≤ 2.1.5 (custom)
Create a notification for this product.
Date Public
2026-04-22 14:23
Credits
daroo | Patchstack Bug Bounty Program
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-69026",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-02T21:25:23.235495Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-27T19:44:55.534Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://wordpress.org/plugins",
          "defaultStatus": "unaffected",
          "packageName": "popup-builder-block",
          "product": "PopupKit",
          "vendor": "Roxnor",
          "versions": [
            {
              "changes": [
                {
                  "at": "2.2.1",
                  "status": "unaffected"
                }
              ],
              "lessThanOrEqual": "2.1.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "daroo | Patchstack Bug Bounty Program"
        }
      ],
      "datePublic": "2026-04-22T14:23:00.148Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Roxnor PopupKit popup-builder-block allows Retrieve Embedded Sensitive Data.\u003cp\u003eThis issue affects PopupKit: from n/a through \u003c= 2.1.5.\u003c/p\u003e"
            }
          ],
          "value": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Roxnor PopupKit popup-builder-block allows Retrieve Embedded Sensitive Data.This issue affects PopupKit: from n/a through \u003c= 2.1.5."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-37",
          "descriptions": [
            {
              "lang": "en",
              "value": "Retrieve Embedded Sensitive Data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-497",
              "description": "Exposure of Sensitive System Information to an Unauthorized Control Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-28T16:14:34.481Z",
        "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "shortName": "Patchstack"
      },
      "references": [
        {
          "tags": [
            "vdb-entry"
          ],
          "url": "https://patchstack.com/database/Wordpress/Plugin/popup-builder-block/vulnerability/wordpress-popupkit-plugin-2-1-5-sensitive-data-exposure-vulnerability?_s_id=cve"
        }
      ],
      "title": "WordPress PopupKit plugin \u003c= 2.1.5 - Sensitive Data Exposure vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
    "assignerShortName": "Patchstack",
    "cveId": "CVE-2025-69026",
    "datePublished": "2025-12-30T10:47:56.141Z",
    "dateReserved": "2025-12-29T11:18:35.617Z",
    "dateUpdated": "2026-04-28T16:14:34.481Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Mitigation
Architecture and Design Implementation

Production applications should never use methods that generate internal details such as stack traces and error messages unless that information is directly committed to a log that is not viewable by the end user. All error message text should be HTML entity encoded before being written to the log file to protect against potential cross-site scripting attacks against the viewer of the logs

CAPEC-170: Web Application Fingerprinting

An attacker sends a series of probes to a web application in order to elicit version-dependent and type-dependent behavior that assists in identifying the target. An attacker could learn information such as software versions, error pages, and response headers, variations in implementations of the HTTP protocol, directory structures, and other similar information about the targeted service. This information can then be used by an attacker to formulate a targeted attack plan. While web application fingerprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.

CAPEC-694: System Location Discovery

An adversary collects information about the target system in an attempt to identify the system's geographical location.

Information gathered could include keyboard layout, system language, and timezone. This information may benefit an adversary in confirming the desired target and/or tailoring further attacks.