CVSS: 5.3EPSS: %CPEs: 1EXPL: 0CVE-2026-0950 – Spectra Gutenberg Blocks <= 2.19.17 - Unauthenticated Information Disclosure in Sensitive Data
https://notcve.org/view.php?id=CVE-2026-0950
02 Feb 2026 — The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 2.19.17. • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.1EPSS: 0%CPEs: -EXPL: 0CVE-2026-1530 – Fog-kubevirt: fog-kubevirt: man-in-the-middle vulnerability due to disabled certificate validation
https://notcve.org/view.php?id=CVE-2026-1530
02 Feb 2026 — This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift, resulting in information disclosure and data integrity compromise. • https://access.redhat.com/security/cve/CVE-2026-1530 • CWE-295: Improper Certificate Validation •
CVSS: 8.1EPSS: 0%CPEs: -EXPL: 0CVE-2026-1531 – Foreman-kubevirt: foreman_kubevirt: man-in-the-middle due to insecure default ssl verification
https://notcve.org/view.php?id=CVE-2026-1531
02 Feb 2026 — Such an attack could lead to the disclosure or alteration of sensitive information. • https://access.redhat.com/security/cve/CVE-2026-1531 • CWE-295: Improper Certificate Validation •
CVSS: 8.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-1395 – Sensitive Data Exposure in CoDeriApp's HeyGarson
https://notcve.org/view.php?id=CVE-2025-1395
30 Jan 2026 — Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies Inc. • https://www.usom.gov.tr/bildirim/tr-26-0009 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-12899 – net: icmp: Out of bound memory read
https://notcve.org/view.php?id=CVE-2025-12899
30 Jan 2026 — This results in an out-of-bounds memory read and creates a potential information-leak vulnerability in the networking subsystem. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-c2vg-hj83-c2vg • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.1EPSS: 0%CPEs: -EXPL: 1CVE-2026-1598 – Bdtask Bhojon All-In-One Restaurant Management System User Information profile cross site scripting
https://notcve.org/view.php?id=CVE-2026-1598
29 Jan 2026 — Impacted is an unknown function of the file /dashboard/home/profile of the component User Information Module. ... The vendor was contacted early about this disclosure but did not respond in any way. • https://github.com/4m3rr0r/PoCVulDb/issues/12 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2026-23568 – Out-of-bounds read vulnerability in Content Distribution Service
https://notcve.org/view.php?id=CVE-2026-23568
29 Jan 2026 — An out-of-bounds read vulnerability in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to cause information disclosure or denial-of-service via a special crafted packet. • https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2026-1001 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2026-23564 – Transmission of Unencrypted Data in Content Distribution Service
https://notcve.org/view.php?id=CVE-2026-23564
29 Jan 2026 — This can result in disclosure of sensitive information. • https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2026-1001 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-14840 – HTTP Client Manager - Less critical - Information disclosure - SA-CONTRIB-2025-126
https://notcve.org/view.php?id=CVE-2025-14840
28 Jan 2026 — Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal HTTP Client Manager allows Forceful Browsing.This issue affects HTTP Client Manager: from 0.0.0 before 9.3.13, from 10.0.0 before 10.0.2, from 11.0.0 before 11.0.1. • https://www.drupal.org/sa-contrib-2025-126 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-13985 – Entity Share - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2025-123
https://notcve.org/view.php?id=CVE-2025-13985
28 Jan 2026 — Incorrect Authorization vulnerability in Drupal Entity Share allows Forceful Browsing.This issue affects Entity Share: from 0.0.0 before 3.13.0. • https://www.drupal.org/sa-contrib-2025-123 • CWE-863: Incorrect Authorization •