CVSS: 7.5EPSS: %CPEs: -EXPL: 0CVE-2026-4155 – ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2026-4155
16 Mar 2026 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging stations. •
CVSS: 8.7EPSS: 0%CPEs: 4EXPL: 2CVE-2017-20217 – Serviio PRO 1.8 REST API Information Disclosure
https://notcve.org/view.php?id=CVE-2017-20217
15 Mar 2026 — Serviio PRO 1.8 contains an information disclosure vulnerability due to improper access control enforcement in the Configuration REST API that allows unauthenticated attackers to access sensitive information. • https://www.vulncheck.com/advisories/serviio-pro-rest-api-information-disclosure • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 0CVE-2026-28521 – arduino-TuyaOpen TuyaIoT Out-of-Bounds Memory Read Information Disclosure
https://notcve.org/view.php?id=CVE-2026-28521
15 Mar 2026 — An attacker who hijacks or controls the Tuya cloud service can issue malicious DP event data to victim devices, causing out-of-bounds memory access that may result in information disclosure or a denial-of-service condition. • https://www.vulncheck.com/advisories/arduino-tuyaopen-tuyaiot-out-of-bounds-memory-read-information-disclosure • CWE-125: Out-of-bounds Read •
CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0CVE-2026-3441 – Binutils: gnu binutils: information disclosure via specially crafted xcoff object file
https://notcve.org/view.php?id=CVE-2026-3441
15 Mar 2026 — This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a specially crafted XCOFF object file, an attacker can trigger this flaw, potentially leading to information disclosure or an application level denial of service. • https://access.redhat.com/security/cve/CVE-2026-3441 • CWE-125: Out-of-bounds Read •
CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0CVE-2026-3442 – Binutils: gnu binutils: information disclosure or denial of service via out-of-bounds read in bfd linker
https://notcve.org/view.php?id=CVE-2026-3442
15 Mar 2026 — Successful exploitation may lead to the disclosure of sensitive information or cause the application to crash, resulting in an application level denial of service. • https://access.redhat.com/security/cve/CVE-2026-3442 • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 20EXPL: 0CVE-2026-26133 – M365 Copilot Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2026-26133
13 Mar 2026 — AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26133 •
CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0CVE-2026-0977 – IBM CICS Transaction Gateway for Multiplatforms Information Disclosure
https://notcve.org/view.php?id=CVE-2026-0977
13 Mar 2026 — IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls. • https://www.ibm.com/support/pages/node/7263518 • CWE-284: Improper Access Control •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2025-13460 – IBM Aspera Console Information Disclosure
https://notcve.org/view.php?id=CVE-2025-13460
13 Mar 2026 — IBM Aspera Console 3.3.0 through 3.4.8 could allow an attacker to enumerate usernames due to an observable response discrepancy. • https://www.ibm.com/support/pages/node/7263486 • CWE-204: Observable Response Discrepancy •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2025-14483 – IBM Sterling B2B Integrator and IBM Sterling File Gateway Information Disclosure
https://notcve.org/view.php?id=CVE-2025-14483
13 Mar 2026 — IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, 6.2.1.0 through 6.2.1.1_1, and 6.2.2.0 could disclose sensitive host information to authenticated users in responses that could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7263329 • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 3.7EPSS: 0%CPEs: 2EXPL: 0CVE-2025-13718 – IBM Sterling Partner Engagement Manager Information Disclosure
https://notcve.org/view.php?id=CVE-2025-13718
13 Mar 2026 — IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors. • https://www.ibm.com/support/pages/node/7263391 • CWE-319: Cleartext Transmission of Sensitive Information •