1110 matches found
CVE-2026-29023
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
PT-2026-24894
A security flaw has been discovered in perfree go-fastdfs-web up to 1.3.7. This affects the function rememberMeManager of the file src/main/java/com/perfree/config/ShiroConfig.java of the component Apache Shiro RememberMe. Performing a manipulation results in use of hard-coded cryptographic key...
EUVD-2026-10345
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
EUVD-2026-10344
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
CVE-2026-29023
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
CVE-2026-29023 Keygraph Shannon Hard-coded Router API Key
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
CVE-2026-29023
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
CVE-2026-29023 Keygraph Shannon Hard-coded Router API Key
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
PT-2026-24097
Name of the Vulnerable Software and Affected Versions Keygraph Shannon affected versions not specified Description Keygraph Shannon contains a hard-coded API key within its router configuration. When the router component is enabled and accessible, network attackers can use this publicly known key...
Use of Hard-coded Cryptographic Key
Overview @frangoteam/fuxa is a Web-based Process Visualization SCADA/HMI/Dashboard software Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key in the authentication process when a static fallback JWT signing secret is used if no custom secret is configured. An...
IBM WebSphere Application Server Liberty 17.0.0.3 < 26.0.0.3 (7261761)
The version of IBM WebSphere Application Server Liberty running on the remote host is affected by a vulnerability as referenced in the 7261761 advisory. - IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application Server Liberty could provide weaker than expect...
CVE-2026-1442 Unitree UPK files Hard-Coded Key
Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an attacker or anyone paying attention, the firmware updates may be altered by an unauthorized user, and then trusted by a Unitree product, such as the Unitree Go2 and other models...
CVE-2026-1442
CVE-2026-1442 describes a vulnerability in Unitree firmware update protection where the algorithm used to protect firmware updates is itself encrypted with key material accessible to an attacker. This could allow an unauthorized user to alter firmware updates and have them trusted by Unitree prod...
CVE-2026-1442 Unitree UPK files Hard-Coded Key
Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an attacker or anyone paying attention, the firmware updates may be altered by an unauthorized user, and then trusted by a Unitree product, such as the Unitree Go2 and other models...
CVE-2026-27519
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confidentiality protections...
CVE-2026-27519
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confidentiality protections...
CVE-2026-27519
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confidentiality protections...
CVE-2026-27519 Binardat 10G08-0800GSM Network Switch Hard-coded RC4 Encryption Key
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confidentiality protections...
CVE-2026-27519
Binardat 10G08-0800GSM network switch firmware up to version V300SP10260209 uses RC4 with a hard-coded key embedded in client-side JavaScript. The static key enables an attacker to decrypt protected values, defeating confidentiality protections. Affected component: firmware (vulnerable RC4 implem...
CVE-2026-27519 Binardat 10G08-0800GSM Network Switch Hard-coded RC4 Encryption Key
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confidentiality protections...