Information disclosure vulnerabilities
Information disclosure exposes data the attacker should not see: memory contents, configuration files, credentials, or other users’ records. Disclosure bugs are classic chain-starters — leaked keys and session tokens turn an "information only" finding into full account or system takeover.
Classification is assigned by the CSIRTS enrichment pipeline from the advisory text. The list below shows the latest advisories tagged information disclosure, newest first, across national CERTs, vendor PSIRTs and vulnerability databases — exploited marks CVEs in the CISA KEV catalog.