EUVD-2026-27840

Use of Hard-coded Cryptographic Key vulnerability in WatchGuard Agent on Windows allows Inclusion of Code in Existing Process.This issue affects WatchGuard Agent: before 1.25.03.0000...

CVE-2026-6787

Use of Hard-coded Cryptographic Key vulnerability in WatchGuard Agent on Windows allows Inclusion of Code in Existing Process.This issue affects WatchGuard Agent: before 1.25.03.0000...

CVE-2026-6787 Usage of a hard-coded cryptographic key in WatchGuard Agent allows inclusion of code into existing process

Use of Hard-coded Cryptographic Key vulnerability in WatchGuard Agent on Windows allows Inclusion of Code in Existing Process.This issue affects WatchGuard Agent: before 1.25.03.0000...

CVE-2026-6787

The CVE-2026-6787 issue affects WatchGuard Agent on Windows prior to version 1.25.03.0000. It is a local, low-privilege vulnerability caused by a hard-coded cryptographic key that allows inclusion of code into an existing process, with high impact to confidentiality, integrity, and availability. ...

CVE-2026-6787 Usage of a hard-coded cryptographic key in WatchGuard Agent allows inclusion of code into existing process

Use of Hard-coded Cryptographic Key vulnerability in WatchGuard Agent on Windows allows Inclusion of Code in Existing Process.This issue affects WatchGuard Agent: before 1.25.03.0000...

CVE-2026-6787

Use of Hard-coded Cryptographic Key vulnerability in WatchGuard Agent on Windows allows Inclusion of Code in Existing Process.This issue affects WatchGuard Agent: before 1.25.03.0000...

WatchGuard Agent 安全漏洞

WatchGuard Agent is a terminal security protection and device management agent provided by the American company WatchGuard. Versions of WatchGuard Agent prior to 1.25.03.0000 contain security vulnerabilities. These vulnerabilities stem from the use of hard-coded encryption keys, which may lead to...

Vvveb 访问控制错误漏洞

Vvveb is a powerful and easy-to-use CMS developed by Givan’s individual developers. It is used to build websites, blogs, or e-commerce stores. Versions of Vvveb prior to 1.0.8.2 contained an access control vulnerability. This vulnerability stemmed from hard-coded credentials in the...

PT-2026-37646

Name of the Vulnerable Software and Affected Versions WatchGuard Agent versions prior to 1.25.03.0000 Description The use of a hard-coded cryptographic key in WatchGuard Agent on Windows allows for the inclusion of code in an existing process. Recommendations Update to version 1.25.03.0000 or lat...

PT-2026-38219

Name of the Vulnerable Software and Affected Versions Vvveb versions prior to 1.0.8.2 Description A hard-coded credentials issue exists in the docker-compose-apache.yaml configuration. This allows unauthenticated attackers to access the bundled phpMyAdmin container using pre-configured database...

PT-2026-38224

Name of the Vulnerable Software and Affected Versions PicoTronica e-Clinic Healthcare System ECHS version 5.7 Description A flaw in the file /cdemos/echs/priv/echs.js allows remote attackers to exploit hard-coded credentials through the manipulation of the ADMIN KEY argument. Recommendations...

Use of Hard-coded Credentials

Overview ogham-mcp is a Shared memory MCP server — persistent, searchable, cross-client Affected versions of this package are vulnerable to Use of Hard-coded Credentials due to hardcoded credentials present in the source files, including development database URLs and an API key. An attacker can...

CVE-2026-7579

A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.16.0. This issue affects some unknown processing of the file astrbot/dashboard/routes/auth.py of the component Dashboard. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The...

Security Bulletin:WebSphere Application Server Liberty could provide weaker than expected security (CVE-2025-14923)

Summary WebSphere Application Server Liberty could provide weaker than expected security Vulnerability Details CVEID:CVE-2025-14923 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application Server Liberty could provide weaker than expected securit...

D-Link DIR-605L 信任管理问题漏洞

The D-Link DIR-605L is a wireless router produced by D-Link Corporation. The D-Link DIR-605L in the Hardware Revision A1 version has a trust management vulnerability. This vulnerability stems from a hard-coded telnet backdoor, which allows unauthorized attackers on the local network to obtain roo...

D-Link DIR-600L 信任管理问题漏洞

The D-Link DIR-600L is an entry-level wireless router from D-Link Corporation. It supports 150Mbps wireless transmission and has 4 Gigabit wired ports. The DIR-600L has a trust management vulnerability, which stems from a hard-coded telnet backdoor. This vulnerability could allow unauthenticated...

Use of Hard-coded Password

Overview AstrBot is a 易上手的多平台 LLM 聊天机器人及开发框架 Affected versions of this package are vulnerable to Use of Hard-coded Password in the Dashboard process due to the use of hard-coded credentials in astrbot/dashboard/routes/auth.py. An attacker can gain unauthorized access and potentially compromise...

AstrBot Makes Use of Hard-coded Password

A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.16.0. This issue affects some unknown processing of the file astrbot/dashboard/routes/auth.py of the component Dashboard. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The...

GHSA-MQ9Q-25HM-G4GP AstrBot Makes Use of Hard-coded Password

A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.16.0. This issue affects some unknown processing of the file astrbot/dashboard/routes/auth.py of the component Dashboard. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The...

CVE-2026-7579

A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.16.0. This issue affects some unknown processing of the file astrbot/dashboard/routes/auth.py of the component Dashboard. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The...