42 matches found

CVE
added 2 hours ago · 4 views

CVE-2026-13007

Tenable Identity Exposure contains multiple unauthenticated API endpoints under /w/api/ that expose sensitive application configuration data including cleartext LDAP credentials, SAML configuration, user accounts, and directory settings to unauthenticated remote attackers. Affected responses are...

CVSS 8.7 · AI score 5.9
Exploits 0 · References 1
RedhatCVE
added 2026/06/05 7:47 p.m. · 4 views

CVE-2026-27316

An insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticated administrator to read LDAP server credentials via client-side inspection...

CVSS 2.7 · AI score 5.5 · EPSS 0.00305
Exploits 0 · References 1
Vulnrichment
added 2026/05/21 7:34 a.m. · 6 views

CVE-2026-44052 LDAP simple-bind password exposure in log output

Netatalk 2.1.0 through 4.4.2 inserts LDAP simple-bind passwords into log output in cleartext, which allows an attacker with access to the log files to obtain LDAP credentials...

CVSS 7.5 · AI score 5.8 · EPSS 0.00245
Exploits 0 · References 1
Positive Technologies
added 2026/04/14 12:0 a.m. · 3 views

PT-2026-32679

An insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticated administrator to read LDAP server credentials via client-side inspection...

CVSS 2.7 · AI score 5.8 · EPSS 0.00305
Exploits 0 · References 4
CVE
added 2026/03/19 11:8 p.m. · 13 views

CVE-2026-33288

CVE-2026-33288 affects SuiteCRM, where an authenticated SQL injection exists in the authentication module when directory support is enabled. The root cause is improper sanitization of the user-provided username before using it in a local database query, allowing an attacker with valid, low-privil...

CVSS 8.8 · AI score 6.1 · EPSS 0.0044
Exploits 0 · References 2 · Affected Software 1
EUVD
added 2026/02/06 12:30 a.m. · 4 views

EUVD-2026-5525

Fortinet FortiOS through 7.6.6 allows attackers to decrypt LDAP credentials stored in device configuration files, as exploited in the wild from 2025-12-16 through 2026. By default, the encryption key is the same across all customers' installations. NOTE: the Supplier's position is that the instanc...

CVSS 3.2 · AI score 5.4 · EPSS 0.00094
Exploits 0 · References 3
Vulnrichment
added 2026/02/05 9:14 p.m. · 5 views

CVE-2026-25815

Fortinet FortiOS through 7.6.6 allows attackers to decrypt LDAP credentials stored in device configuration files, as exploited in the wild from 2025-12-16 through 2026. By default, the encryption key is the same across all customers' installations. NOTE: the Supplier's position is that the instanc...

CVSS 3.2 · AI score 5.6 · EPSS 0.00094
Exploits 0 · References 2
CVE
added 2026/02/05 9:14 p.m. · 37 views

CVE-2026-25815

CVE-2026-25815 affects Fortinet FortiOS up to and including 7.6.6. The issue stems from an encryption weakness where the default LDAP encryption key is the same across all installations, enabling attackers to decrypt LDAP credentials stored in device configuration files. Exploitation was observed...

CVSS 3.2 · AI score 5.4 · EPSS 0.00094
In wild · Exploits 0 · References 2
CVE
added 2026/02/05 11:38 a.m. · 10 views

CVE-2026-1966

CVE-2026-1966 affects YugabyteDB Anywhere. An authenticated user with access to the configuration view can see LDAP bind passwords configured via gflags in cleartext in the web UI, enabling potential unauthorized access to external directory services. The issue is described consistently across so...

CVSS 2.4 · AI score 5.4 · EPSS 0.00163
Exploits 0 · References 1
EUVD
added 2026/02/05 11:38 a.m. · 6 views

EUVD-2026-5553

YugabyteDB Anywhere displays LDAP bind passwords configured via gflags in cleartext within the web UI. An authenticated user with access to the configuration view could obtain LDAP credentials, potentially enabling unauthorized access to external directory services...

CVSS 2.4 · AI score 5.4 · EPSS 0.00163
Exploits 0 · References 1
Cvelist
added 2026/02/05 11:38 a.m. · 27 views

CVE-2026-1966 YugabyteDB Anywhere Exposes LDAP Credentials in Cleartext in Web UI

YugabyteDB Anywhere displays LDAP bind passwords configured via gflags in cleartext within the web UI. An authenticated user with access to the configuration view could obtain LDAP credentials, potentially enabling unauthorized access to external directory services...

CVSS 2.4 · EPSS 0.00163
Exploits 0 · References 1
Vulnrichment
added 2025/11/17 6:23 a.m. · 1 views

CVE-2025-13164 Digiwin|EasyFlow GP - Insufficiently Protected Credentials

EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability, allowing privileged remote attackers to obtain plaintext credentials of AD and system mail from the system frontend...

CVSS 6.9 · AI score 6.6 · EPSS 0.00292
Exploits 0 · References 2
EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2010-0245

Malware in sbrugna...

CVSS 5 · AI score 6.2 · EPSS 0.01918
Exploits 2 · References 8
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2020-6009

Malware in sbrugna...

CVSS 9.8 · AI score 9.2 · EPSS 0.01687
Exploits 0 · References 3
EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2016-3243

Malware in sbrugna...

CVSS 5.5 · AI score 5.4 · EPSS 0.00347
Exploits 0 · References 2
CNNVD
added 2025/02/19 12:0 a.m. · 1 views

Checkmk Security Vulnerability

Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk versions prior to 2.3.0p27, prior to 2.2.0p40, and 2.1.0p51, which stems from LDAP credentials being written to an Apache error log file...

CVSS 7.5 · AI score 6.5 · EPSS 0.00286
Exploits 0 · References 2
RedhatCVE
added 2025/02/05 2:31 a.m. · 8 views

CVE-2024-42348

FOG is a cloning/imaging/rescue suite/inventory management system. FOG Server 1.5.10.41.2 can leak AD username and password when registering a computer. This vulnerability is fixed in 1.5.10.41.3 and 1.6.0-beta.1395...

CVSS 9.3 · AI score 9.1 · EPSS 0.00587
Exploits 1 · References 1
OSV
added 2024/06/21 3:52 p.m. · 1 views

GHSA-C25H-C27Q-5QPV Keycloak leaks configured LDAP bind credentials through the Keycloak admin console

Impact: The LDAP testing endpoint allows the Connection URL to be changed independently of, and without having to re-enter, the currently configured LDAP bind credentials. An attacker with admin access permission manage-realm can change the LDAP host URL "Connection URL" to a machine they control. The...

CVSS 2.7 · AI score 5.9 · EPSS 0.00649
Exploits 0 · References 9
Positive Technologies
added 2024/04/23 12:0 a.m. · 5 views

PT-2024-7256 · 1с · Bitrix24 +1

Name of the Vulnerable Software and Affected Versions: 1C-Bitrix Bitrix24 version 23.300.100 Description: The issue is related to insufficiently protected credentials in AD/LDAP server settings, allowing remote administrators to send AD/LDAP administrators' account passwords to an arbitrary serve...

CVSS 6.8 · AI score 7.7 · EPSS 0.00342
Exploits 0 · References 8
CNNVD
added 2023/08/03 12:0 a.m. · 2 views

GatesAIr Flexiva FM Transmitter Security Vulnerability

GatesAIr Flexiva FM Transmitter is an FM platform from GatesAIr, Inc. A security vulnerability exists in the GatesAIR Flexiva FM Transmitter/Exciter Fax 150W that could allow a remote attacker to gain privileges via LDAP and SMTP credentials...

CVSS 9.8 · AI score 7.3 · EPSS 0.0097
Exploits 1 · References 4