
CVE-2025-0923 – IBM Cognos Analytics information disclosure
https://notcve.org/view.php?id=CVE-2025-0923
11 Jun 2025 — IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4 stores source code on the web server that could aid in further attacks against the system. • https://www.ibm.com/support/pages/node/7234674 • CWE-540: Inclusion of Sensitive Information in Source Code •

CVE-2025-0163 – IBM Security Verify Access information disclosure
https://notcve.org/view.php?id=CVE-2025-0163
11 Jun 2025 — IBM Security Verify Access Appliance and Docker 10.0 through 10.0.8 could allow a remote attacker to enumerate usernames due to an observable response discrepancy of disabled accounts. • https://www.ibm.com/support/pages/node/7236314 • CWE-204: Observable Response Discrepancy •

CVE-2025-32711 – M365 Copilot Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-32711
11 Jun 2025 — Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32711 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVE-2025-4128 – Mattermost Guest User Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-4128
11 Jun 2025 — Mattermost versions 10.5.x <= 10.5.4, 9.11.x <= 9.11.13 fail to properly restrict API access to team information, allowing guest users to bypass permissions and view information about public teams they are not members of via a direct API call to /api/v4/teams/{team_id}. • https://mattermost.com/security-updates • CWE-863: Incorrect Authorization •

CVE-2025-5823 – Autel MaxiCharger AC Wallbox Commercial Serial Number Exposed Dangerous Method Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-5823
11 Jun 2025 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. •

CVE-2025-36574
https://notcve.org/view.php?id=CVE-2025-36574
10 Jun 2025 — An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure and Unauthorized access. • https://www.dell.com/support/kbdoc/en-us/000325679/dsa-2025-226 • CWE-36: Absolute Path Traversal •

CVE-2025-36575
https://notcve.org/view.php?id=CVE-2025-36575
10 Jun 2025 — Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Exposure of Sensitive Information Through Data Queries vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000325679/dsa-2025-226 • CWE-202: Exposure of Sensitive Information Through Data Queries •

CVE-2025-33055 – Windows Storage Management Provider Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-33055
10 Jun 2025 — Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33055 • CWE-125: Out-of-bounds Read •

CVE-2025-33052 – Windows DWM Core Library Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-33052
10 Jun 2025 — Use of uninitialized resource in Windows DWM Core Library allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33052 • CWE-908: Use of Uninitialized Resource •

CVE-2025-24065 – Windows Storage Management Provider Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24065
10 Jun 2025 — Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24065 • CWE-125: Out-of-bounds Read •