CVSS: 5.3EPSS: %CPEs: 1EXPL: 0CVE-2026-0950 – Spectra Gutenberg Blocks <= 2.19.17 - Unauthenticated Information Disclosure in Sensitive Data
https://notcve.org/view.php?id=CVE-2026-0950
02 Feb 2026 — The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 2.19.17. • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.1EPSS: 0%CPEs: -EXPL: 0CVE-2026-1530 – Fog-kubevirt: fog-kubevirt: man-in-the-middle vulnerability due to disabled certificate validation
https://notcve.org/view.php?id=CVE-2026-1530
02 Feb 2026 — This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift, resulting in information disclosure and data integrity compromise. • https://access.redhat.com/security/cve/CVE-2026-1530 • CWE-295: Improper Certificate Validation •
CVSS: 8.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-1395 – Sensitive Data Exposure in CoDeriApp's HeyGarson
https://notcve.org/view.php?id=CVE-2025-1395
30 Jan 2026 — Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies Inc. HeyGarson allows Fuzzing for application mapping.This issue affects HeyGarson: through 30012026. NOTE: The vendor was contacted several times to verifying fixing process but did not respond in any way. • https://www.usom.gov.tr/bildirim/tr-26-0009 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-12899 – net: icmp: Out of bound memory read
https://notcve.org/view.php?id=CVE-2025-12899
30 Jan 2026 — This results in an out-of-bounds memory read and creates a potential information-leak vulnerability in the networking subsystem. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-c2vg-hj83-c2vg • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2026-23568 – Out-of-bounds read vulnerability in Content Distribution Service
https://notcve.org/view.php?id=CVE-2026-23568
29 Jan 2026 — An out-of-bounds read vulnerability in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to cause information disclosure or denial-of-service via a special crafted packet. • https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2026-1001 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-14840 – HTTP Client Manager - Less critical - Information disclosure - SA-CONTRIB-2025-126
https://notcve.org/view.php?id=CVE-2025-14840
28 Jan 2026 — Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal HTTP Client Manager allows Forceful Browsing.This issue affects HTTP Client Manager: from 0.0.0 before 9.3.13, from 10.0.0 before 10.0.2, from 11.0.0 before 11.0.1. • https://www.drupal.org/sa-contrib-2025-126 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-13985 – Entity Share - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2025-123
https://notcve.org/view.php?id=CVE-2025-13985
28 Jan 2026 — Incorrect Authorization vulnerability in Drupal Entity Share allows Forceful Browsing.This issue affects Entity Share: from 0.0.0 before 3.13.0. • https://www.drupal.org/sa-contrib-2025-123 • CWE-863: Incorrect Authorization •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37525 – HCL BigFix Compliance is vulnerable to a sensitive information disclosure
https://notcve.org/view.php?id=CVE-2023-37525
28 Jan 2026 — A sensitive information disclosure in HCL BigFix Compliance allows a remote attacker to access files under the WEB-INF directory, which may contain Java class files and configuration information, leading to unauthorized access to application internals. • https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128385 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2025-33220
https://notcve.org/view.php?id=CVE-2025-33220
28 Jan 2026 — A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure. • https://nvd.nist.gov/vuln/detail/CVE-2025-33220 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2025-33219
https://notcve.org/view.php?id=CVE-2025-33219
28 Jan 2026 — A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure. • https://nvd.nist.gov/vuln/detail/CVE-2025-33219 • CWE-190: Integer Overflow or Wraparound •