Lucene search
+L

8137 matches found

CVE
CVE
•added 2026/06/30 10:54 p.m.•24 views

CVE-2026-50110

The CVE-2026-50110 entry concerns Storage Concentrator (SC & SCVM) that contains hardcoded credentials for numerous internal services embedded in a configuration file. The credentials are encoded but reversible to plaintext, exposing accounts for databases, licensing, replication, and third-party...

9.3CVSS5.8AI score0.00128EPSS
Exploits0References3
OSV
OSV
•added 2026/06/29 11:50 a.m.•6 views

PYSEC-2026-337 Use of hard-coded, security-relevant constants in deepset-ai/haystack

Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack in version 1.15.0 and prior. A patch is available at commit 5fc84904f198de661d5b933fde756aa922bf09f1...

9.8CVSS7.3AI score0.00843EPSS
Exploits1References7
OSV
OSV
•added 2026/06/29 11:50 a.m.•8 views

PYSEC-2026-285 AstrBot is vulnerable to RCE with hard-coded JWT signing keys

Summary AstrBot uses a hard-coded JWT signing key, allowing attackers to execute arbitrary commands by installing a malicious plugin. Details AstrBot uses a hard-coded JWT signing key, which allows attackers to bypass the authentication mechanism. Once bypassed, the attacker can install a Python...

9.8CVSS6.2AI score0.00281EPSS
Exploits2References8
OSV
OSV
•added 2026/06/29 5:59 a.m.•8 views

MAL-2026-6576 Malicious code in checkmarx-claude-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26a16e61d88e467ada75205ee93a9339cdf2fb65f3ded068282b4d83b6cb05e9 When the CLI runs the documented npx checkmarx-claude-cache invocation pattern, bin/cli.js performs an HTTPS GET to a hardcoded URL on a lookalike ho...

6.2AI score
Exploits0References2
Cvelist
Cvelist
•added 2026/06/26 10:52 p.m.•40 views

CVE-2026-31928 Daktronics Controller Firmware Use of Hard-coded Credentials

The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access...

9.3CVSS0.00569EPSS
Exploits0References2
CVE
CVE
•added 2026/06/25 11:13 p.m.•19 views

CVE-2026-9220

The CVE-2026-9220 entry describes a vulnerability in Setracker2 Android Companion App (package com.tgelec.setracker) affecting versions 3.1.5 and earlier. The underlying issue is that requests between the wearable and backend are encrypted with static, hardcoded AES keys and initialization vector...

8.7CVSS5.9AI score0.00232EPSS
Exploits0References1
Snyk
Snyk
•added 2026/06/22 4:15 a.m.•7 views

Use of Hard-coded Credentials

Overview com.linecorp.centraldogma:centraldogma-server is a service configuration repository based on Git, ZooKeeper and HTTP/2 centraldogma-server. Affected versions of this package are vulnerable to Use of Hard-coded Credentials in the ZooKeeperReplicationConfig.secret when the replication.secr...

9.6CVSS6.2AI score0.00145EPSS
Exploits0References2
NVD
NVD
•added 2026/06/22 3:16 a.m.•12 views

CVE-2026-11746

A vulnerability has been identified in centraldogma-server versions prior to 0.84.0, where enabling ZooKeeper replication without setting replication.secret causes the server to silently fall back to a hard-coded, publicly known secret. This default credential authenticates the embedded ZooKeeper...

9.4CVSS0.00145EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/22 2:35 a.m.•8 views

EUVD-2026-38207

A vulnerability has been identified in centraldogma-server versions prior to 0.84.0, where enabling ZooKeeper replication without setting replication.secret causes the server to silently fall back to a hard-coded, publicly known secret. This default credential authenticates the embedded ZooKeeper...

9.4CVSS6.1AI score0.00145EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
•added 2026/06/19 8:46 p.m.•15 views

Security Bulletin: IBM Operational Decision Manager - Multiple CVEs addressed related to SOLR and its dependencies (such as Jetty) affecting ODM-9.0.0 and older versions

Summary This Security bulletin addresses vulnerabilities in Apache Solr and its dependencies including Eclipse Jetty that might affect IBM Operational Decision Manager version 9.0.0 and older versions. Vulnerability Details CVEID:CVE-2026-2332 DESCRIPTION: In Eclipse Jetty, the HTTP/1.1 parser is...

9.1CVSS6.8AI score0.01127EPSS
Exploits2Affected Software1
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•13 views

EUVD-2026-37646

Use of Hard-coded Credentials vulnerability in Mitsubishi Electric Room Air Conditioners for Japan and outside Japan; Wireless LAN Adapters for Room Air Conditioners for Japan and outside Japan; Wireless LAN Adapters for Packaged Air Conditioners for Japan and outside Japan; Refrigerators for...

7.2CVSS5.3AI score0.00151EPSS
Exploits0References3
NVD
NVD
•added 2026/06/17 1:20 p.m.•9 views

CVE-2026-5667

Use of Hard-coded Credentials vulnerability in Mitsubishi Electric Room Air Conditioners for Japan and outside Japan; Wireless LAN Adapters for Room Air Conditioners for Japan and outside Japan; Wireless LAN Adapters for Packaged Air Conditioners for Japan and outside Japan; Refrigerators for...

7.2CVSS0.00151EPSS
Exploits0References2
CVE
CVE
•added 2026/06/17 10:53 a.m.•25 views

CVE-2026-5667

Technical details (affected models, root cause specifics, versions, and fixes) are not publicly available in the provided documents. Monitor for updates as more information may be released.

7.2CVSS5.3AI score0.00151EPSS
Exploits0References2
Cvelist
Cvelist
•added 2026/06/17 10:53 a.m.•38 views

CVE-2026-5667 Information Disclosure, Information Tampering, or Denial-of-Service (DoS) Vulnerability in Multiple Home Appliances

Use of Hard-coded Credentials vulnerability in Mitsubishi Electric Room Air Conditioners for Japan and outside Japan; Wireless LAN Adapters for Room Air Conditioners for Japan and outside Japan; Wireless LAN Adapters for Packaged Air Conditioners for Japan and outside Japan; Refrigerators for...

7.2CVSS0.00151EPSS
Exploits0References2
Positive Technologies
Positive Technologies
•added 2026/06/17 12:0 a.m.•21 views

PT-2026-50362

Name of the Vulnerable Software and Affected Versions Mitsubishi Electric Room Air Conditioners affected versions not specified Mitsubishi Electric Wireless LAN Adapters for Room Air Conditioners affected versions not specified Mitsubishi Electric Wireless LAN Adapters for Packaged Air Conditione...

7.2CVSS5.3AI score0.00151EPSS
Exploits0References8
Snyk
Snyk
•added 2026/06/16 8:13 p.m.•8 views

Use of Hard-coded Credentials

Overview Crawl4AI is a šŸš€šŸ¤– Crawl4AI: Open-source LLM Friendly Web Crawler & scraper Affected versions of this package are vulnerable to Use of Hard-coded Credentials via the outputpath parameter, which allows arbitrary filesystem paths without validation. An attacker can overwrite or create files ...

9.8CVSS6.1AI score0.00421EPSS
Exploits0References6
CVE
CVE
•added 2026/06/16 6:19 p.m.•19 views

CVE-2026-22312

CVE-2026-22312 affects Radiflow iSAP Smart Collector. The device exposes a webserver REST API authenticated with a constant token, enabling an unauthenticated client to access system settings, modify configuration, and execute commands (e.g., system reboot). CVSS 3.1 indicates NETWORK attack vect...

8.6CVSS5.5AI score0.00232EPSS
Exploits0References1
EUVD
EUVD
•added 2026/06/16 12:34 a.m.•13 views

EUVD-2026-37020

Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier...

6.9CVSS5.3AI score0.00232EPSS
Exploits0References5
NVD
NVD
•added 2026/06/16 12:16 a.m.•10 views

CVE-2026-9260

Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier...

9.8CVSS0.00232EPSS
Exploits0References4
CVE
CVE
•added 2026/06/15 11:38 p.m.•25 views

CVE-2026-9260

CVE-2026-9260 concerns the Canon EOS Network Setting Tool, affected in version 1.5.0 or earlier. The underlying issue is the use of hard-coded cryptographic keys, which can undermine confidentiality, integrity, and availability of communications or data protected by these keys. The CVSS data indi...

9.8CVSS5.3AI score0.00232EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder