Advanced Threat Data Export

Filter and download the raw CVE repository (CSV/JSON) for SIEM integration and internal reporting.

Vulnerability Keyword

Date Range

Severity

Format

Upgrade Package

Data export is locked. Upgrade your package to enable filtering and downloading.

← Back to CVE List

CVE-2026-43646NVD

Description

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Wicket.

This issue affects Apache Wicket: from 8.0.0 through 8.17.0, from 9.0.0 through 9.22.0, from 10.0.0 through 10.8.0.

Users are recommended to upgrade to version 10.9.0, which fixes the issue.

Severity Level

HIGH (7.5)

Published Date

06/05/2026

Last Modified

06/05/2026

Exploitation Status

UNKNOWN

References

https://lists.apache.org/thread/6zqcvjyz4lsqty1z2g5hg7pl5fqk88rs
http://www.openwall.com/lists/oss-security/2026/05/06/3