CWE · MITRE source
CWE-215Insertion of Sensitive Information Into Debugging Code
The product inserts sensitive information into debugging code, which could expose this information if the debugging code is not disabled in production.
When debugging, it may be necessary to report detailed information to the programmer. However, if the debugging code is not disabled when the product is operating in a production environment, then this sensitive information may be exposed to attackers.
Last updated: 09 May 2026 03:25 UTC
NIST 800-53 r5 controls that address this weakness (0)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| No NIST controls proposed yet. | |||
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2024-7569 | 2.4 | 9.6 | 0.0747 | 2024-08-13 |
CVE-2026-40173 | 1.9 | 9.4 | 0.0012 | 2026-04-15 |
CVE-2018-1191 | 1.8 | 8.8 | 0.0035 | 2018-03-29 |
CVE-2019-3781 | 1.8 | 8.8 | 0.0015 | 2019-03-07 |
CVE-2025-27684 | 1.5 | 7.5 | 0.0013 | 2025-03-05 |
CVE-2025-34081 | 1.5 | 7.5 | 0.0036 | 2025-07-01 |
CVE-2026-2250 | 1.5 | 7.5 | 0.0012 | 2026-02-11 |
CVE-2026-33247 | 1.5 | 7.4 | 0.0001 | 2026-03-25 |
CVE-2022-0721 | 1.3 | 6.5 | 0.0035 | 2022-02-23 |
CVE-2023-51390 | 1.3 | 6.5 | 0.0008 | 2023-12-21 |
CVE-2025-58598 | 1.3 | 6.6 | 0.0003 | 2025-09-03 |
CVE-2018-1002104 | 1.1 | 5.3 | 0.0044 | 2020-01-14 |
CVE-2023-49194 | 1.1 | 5.3 | 0.0037 | 2024-12-09 |
CVE-2023-21462 | 0.8 | 4.2 | 0.0005 | 2023-03-16 |
CVE-2025-12616 | 0.7 | 3.7 | 0.0005 | 2025-11-03 |
CVE-2025-0895 | 0.5 | 2.4 | 0.0003 | 2025-03-02 |
CVE-2024-22194 | 0.4 | 2.2 | 0.0003 | 2024-01-11 |