CVSS: -EPSS: %CPEs: -EXPL: 0CVE-2026-25389 – WordPress EventPrime plugin <= 4.2.8.3 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2026-25389
19 Feb 2026 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Retrieve Embedded Sensitive Data.This issue affects EventPrime: from n/a through <= 4.2.8.3. • https://patchstack.com/database/Wordpress/Plugin/eventprime-event-calendar-management/vulnerability/wordpress-eventprime-plugin-4-2-8-3-sensitive-data-exposure-vulnerability? • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: -EPSS: %CPEs: -EXPL: 0CVE-2026-25325 – WordPress rtMedia for WordPress, BuddyPress and bbPress plugin <= 4.7.8 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2026-25325
19 Feb 2026 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in rtCamp rtMedia for WordPress, BuddyPress and bbPress buddypress-media allows Retrieve Embedded Sensitive Data.This issue affects rtMedia for WordPress, BuddyPress and bbPress: from n/a through <= 4.7.8. • https://patchstack.com/database/Wordpress/Plugin/buddypress-media/vulnerability/wordpress-rtmedia-for-wordpress-buddypress-and-bbpress-plugin-4-7-8-sensitive-data-exposure-vulnerability? • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: -EPSS: %CPEs: -EXPL: 0CVE-2026-25008 – WordPress Ninja Tables plugin <= 5.2.5 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2026-25008
19 Feb 2026 — Insertion of Sensitive Information Into Sent Data vulnerability in Shahjahan Jewel Ninja Tables ninja-tables allows Retrieve Embedded Sensitive Data.This issue affects Ninja Tables: from n/a through <= 5.2.5. • https://patchstack.com/database/Wordpress/Plugin/ninja-tables/vulnerability/wordpress-ninja-tables-plugin-5-2-5-sensitive-data-exposure-vulnerability? • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 6.5EPSS: %CPEs: 2EXPL: 0CVE-2026-26361
https://notcve.org/view.php?id=CVE-2026-26361
19 Feb 2026 — A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000429268/dsa-2026-102-dell-unisphere-for-powermax-and-powermax-eem-security-update-for-multiple-vulnerabilities • CWE-73: External Control of File Name or Path •
CVSS: 8.8EPSS: %CPEs: 1EXPL: 1CVE-2019-25359 – SD.NET RIM 4.7.3c - 'idtyp' SQL Injection
https://notcve.org/view.php?id=CVE-2019-25359
18 Feb 2026 — Attackers can exploit this vulnerability by crafting specially formed POST requests to the /vorlagen/ endpoint, enabling unauthorized database manipulation and potential information disclosure. • https://www.exploit-db.com/exploits/47589 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.3EPSS: %CPEs: 1EXPL: 0CVE-2026-23491 – InvoicePlane has Unauthenticated Path Traversal in Guest Controller
https://notcve.org/view.php?id=CVE-2026-23491
18 Feb 2026 — This leads to the disclosure of sensitive information, including configuration files with database credentials. ... This leads to the disclosure of sensitive information, including configuration files with database credentials. • https://github.com/InvoicePlane/InvoicePlane/commit/add8bb798dde621f886823065ef1841986543c69 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.8EPSS: %CPEs: 4EXPL: 0CVE-2026-20142 – Sensitive Information Disclosure in "_internal" index in Splunk Enterprise
https://notcve.org/view.php?id=CVE-2026-20142
18 Feb 2026 — In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11, a user of a Splunk Search Head Cluster (SHC) deployment who holds a role with access to the Splunk `_internal` index could view the RSA `accessKey` value from the [<u>Authentication.conf</u> ](https://help.splunk.com/en/splunk-enterprise/administer/admin-manual/10.2/configuration-file-reference/10.2.0-configuration-file-reference/authentication.conf)file, in plain text. • https://advisory.splunk.com/advisories/SVD-2026-0207 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.8EPSS: %CPEs: 4EXPL: 0CVE-2026-20138 – Sensitive Information Disclosure in "_internal" index in Splunk Enterprise
https://notcve.org/view.php?id=CVE-2026-20138
18 Feb 2026 — In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11, a user of a Splunk Search Head Cluster (SHC) deployment who holds a role with access to the Splunk `_internal` index could view the `integrationKey`, `secretKey`, and `appSecretKey` secrets, generated by [Duo Two-Factor Authentication for Splunk Enterprise](https://duo.com/docs/splunk), in plain text. • https://advisory.splunk.com/advisories/SVD-2026-0203 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.8EPSS: %CPEs: 7EXPL: 0CVE-2026-20144 – Sensitive Information Disclosure in ''_internal'' index in Splunk Enterprise
https://notcve.org/view.php?id=CVE-2026-20144
18 Feb 2026 — In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, and Splunk Cloud Platform versions below 10.2.2510.0, 10.1.2507.11, 10.0.2503.9, and 9.3.2411.120, a user of a Splunk Search Head Cluster (SHC) deployment who holds a role with access to the the Splunk _internal index could view the Security Assertion Markup Language (SAML) configurations for Attribute query requests (AQRs) or Authentication extensions in plain text within the conf.log file, depending on which feature is configure... • https://advisory.splunk.com/advisories/SVD-2026-0209 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 4.3EPSS: %CPEs: 3EXPL: 0CVE-2026-20141 – Improper Access Control in Splunk Monitoring Console App
https://notcve.org/view.php?id=CVE-2026-20141
18 Feb 2026 — This could lead to a sensitive information disclosure. • https://advisory.splunk.com/advisories/SVD-2026-0206 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •