CWE-1230: CWE-1230
Yearly Trend
Top Affected Vendors
All CWE-1230 CVEs (9)
This vulnerability in lunary-ai/lunary exposes both public and private API keys through the GET /projects endpoint to users with minimal permissions l...
Mar 20, 2025The groov View API users endpoint exposes API keys for all users, including administrators, to anyone with Editor role access. This allows privilege e...
Nov 26, 2025This vulnerability in berriai/litellm's proxy server leaks Langfuse API keys when team settings parsing fails, exposing sensitive credentials. Attacke...
Mar 20, 2025Dell NativeEdge version 2.1.0.0 contains a metadata exposure vulnerability that allows unauthenticated remote attackers to access sensitive informatio...
Dec 25, 2024This vulnerability allows attackers to obtain expired administrator authentication tokens from network devices that have timed out from ETM (Embedded ...
Jan 10, 2025An information disclosure vulnerability in transformeroptimus/superagi allows authenticated users to access sensitive configuration details of any org...
Mar 20, 2025This vulnerability in Google Chrome's Media Stream implementation allows a remote attacker to gather information about connected peripherals (like web...
Mar 5, 2025The RomethemeKit For Elementor WordPress plugin exposes sensitive template data through a vulnerability in the register_controls function. Authenticat...
Jan 24, 2025The HT Mega plugin for WordPress exposes sensitive template data through a vulnerability in the accordion widget. Authenticated attackers with Contrib...
Sep 25, 2024About CWE-1230 (CWE-1230)
Our database tracks 9 CVEs classified as CWE-1230, with 0 rated critical and 4 rated high severity. The average CVSS score for CWE-1230 vulnerabilities is 6.6.
External reference: View CWE-1230 on MITRE CWE →
Monitor CWE-1230 Vulnerabilities
Get alerted when new CWE-1230 CVEs affect your infrastructure.
Start Monitoring Free