CVSS: 8.2EPSS: %CPEs: -EXPL: 0CVE-2025-1395 – Sensitive Data Exposure in CoDeriApp's HeyGarson
https://notcve.org/view.php?id=CVE-2025-1395
30 Jan 2026 — Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies Inc. ... NOTE: The vendor was contacted early about this disclosure but did not respond in any way. • https://www.usom.gov.tr/bildirim/tr-26-0009 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.5EPSS: %CPEs: 1EXPL: 0CVE-2025-12899 – net: icmp: Out of bound memory read
https://notcve.org/view.php?id=CVE-2025-12899
30 Jan 2026 — This results in an out-of-bounds memory read and creates a potential information-leak vulnerability in the networking subsystem. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-c2vg-hj83-c2vg • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.1EPSS: %CPEs: -EXPL: 1CVE-2026-1598 – Bdtask Bhojon All-In-One Restaurant Management System User Information profile cross site scripting
https://notcve.org/view.php?id=CVE-2026-1598
29 Jan 2026 — Impacted is an unknown function of the file /dashboard/home/profile of the component User Information Module. ... The vendor was contacted early about this disclosure but did not respond in any way. • https://github.com/4m3rr0r/PoCVulDb/issues/12 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2026-23568 – Out-of-bounds read vulnerability in Content Distribution Service
https://notcve.org/view.php?id=CVE-2026-23568
29 Jan 2026 — An out-of-bounds read vulnerability in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to cause information disclosure or denial-of-service via a special crafted packet. • https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2026-1001 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2026-23564 – Transmission of Unencrypted Data in Content Distribution Service
https://notcve.org/view.php?id=CVE-2026-23564
29 Jan 2026 — This can result in disclosure of sensitive information. • https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2026-1001 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-14840 – HTTP Client Manager - Less critical - Information disclosure - SA-CONTRIB-2025-126
https://notcve.org/view.php?id=CVE-2025-14840
28 Jan 2026 — Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal HTTP Client Manager allows Forceful Browsing.This issue affects HTTP Client Manager: from 0.0.0 before 9.3.13, from 10.0.0 before 10.0.2, from 11.0.0 before 11.0.1. • https://www.drupal.org/sa-contrib-2025-126 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-13985 – Entity Share - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2025-123
https://notcve.org/view.php?id=CVE-2025-13985
28 Jan 2026 — Incorrect Authorization vulnerability in Drupal Entity Share allows Forceful Browsing.This issue affects Entity Share: from 0.0.0 before 3.13.0. • https://www.drupal.org/sa-contrib-2025-123 • CWE-863: Incorrect Authorization •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37525 – HCL BigFix Compliance is vulnerable to a sensitive information disclosure
https://notcve.org/view.php?id=CVE-2023-37525
28 Jan 2026 — A sensitive information disclosure in HCL BigFix Compliance allows a remote attacker to access files under the WEB-INF directory, which may contain Java class files and configuration information, leading to unauthorized access to application internals. • https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128385 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2025-33220
https://notcve.org/view.php?id=CVE-2025-33220
28 Jan 2026 — A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure. • https://nvd.nist.gov/vuln/detail/CVE-2025-33220 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2025-33219
https://notcve.org/view.php?id=CVE-2025-33219
28 Jan 2026 — A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure. • https://nvd.nist.gov/vuln/detail/CVE-2025-33219 • CWE-190: Integer Overflow or Wraparound •