8062 matches found
PT-2026-24204
Name of the Vulnerable Software and Affected Versions PostgreSQL affected versions not specified Description A security issue exists due to the use of hard-coded credentials. This could lead to information disclosure and remote code execution when the SOCKS Proxy is enabled, and administrator...
EUVD-2026-10345
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
EUVD-2026-10344
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
CVE-2026-29023
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
CVE-2026-29023 Keygraph Shannon Hard-coded Router API Key
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
CVE-2026-29023
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
CVE-2026-29023 Keygraph Shannon Hard-coded Router API Key
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
CVE-2026-29023
CVE-2026-29023 affects Keygraph Shannon’s router component. A hard-coded API key in the router configuration enables network attackers to authenticate if the router port is reachable, allowing them to proxy requests through the Shannon instance using the victim’s configured upstream provider API ...
PT-2026-24097
Name of the Vulnerable Software and Affected Versions Keygraph Shannon affected versions not specified Description Keygraph Shannon contains a hard-coded API key within its router configuration. When the router component is enabled and accessible, network attackers can use this publicly known key...
Use of Hard-coded Cryptographic Key
Overview @frangoteam/fuxa is a Web-based Process Visualization SCADA/HMI/Dashboard software Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key in the authentication process when a static fallback JWT signing secret is used if no custom secret is configured. An...
CVE-2025-70342
erase-install prior to v40.4 commit 2c31239 writes swiftDialog credential output to a hardcoded path /var/tmp/dialog.json. This allows an unauthenticated attacker to intercept admin credentials entered during reinstall/erase operations via creating a named pipe...
International Datacasting SFX2100 SuperFlex Satellite Receiver 安全漏洞
The International Datacasting SFX2100 SuperFlex Satellite Receiver is a professional broadcast-grade satellite signal receiving device developed by the International Datacasting company. The SFX2100 SuperFlex Satellite Receiver has a security vulnerability, which stems from the globally readable...
International Datacasting SFX2100 SuperFlex Satellite Receiver 安全漏洞
The International Datacasting SFX2100 SuperFlex Satellite Receiver is a professional broadcast-grade satellite signal receiving device developed by the International Datacasting company. The SFX2100 SuperFlex Satellite Receiver has a security vulnerability, which stems from hard-coded credentials...
International Datacasting SFX2100 SuperFlex Satellite Receiver 安全漏洞
The International Datacasting SFX2100 SuperFlex Satellite Receiver is a professional broadcast-grade satellite signal receiving device developed by the International Datacasting company. The SFX2100 SuperFlex Satellite Receiver has a security vulnerability, which stems from the inclusion of...
Weintek cMT 安全漏洞
Weintek cMT is a human-computer interface application developed by Weintek Corporation. Version 2.1.53 of Weintek cMT contains a security vulnerability, which stems from hard-coded passwords in the FTP protocol...
Weintek cMT-3072XH2 easyweb 安全漏洞
Weintek cMT-3072XH2 easyweb is an intelligent human-computer interaction interface developed by Weintek Company in Taiwan, China. The version v2.1.53 of Weintek cMT-3072XH2 easyweb contains a security vulnerability. This vulnerability stems from the presence of hard-coded encryption keys, which m...
IBM WebSphere Application Server Liberty 17.0.0.3 < 26.0.0.3 (7261761)
The version of IBM WebSphere Application Server Liberty running on the remote host is affected by a vulnerability as referenced in the 7261761 advisory. - IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application Server Liberty could provide weaker than expect...
Malicious code in socketxio (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0ebdf2a14543a49aa2f1b1fdeb5a713a43da8326a370249ca370d9023283fb31 Using the provided function results in exfiltrating Discord tokens to a hardcoded location --- Category: MALICIOUS - The campaign has clearly malicious intent,...
Use of Hard-coded Credentials
Overview gradio is a Python library for easily interacting with trained machine learning models Affected versions of this package are vulnerable to Use of Hard-coded Credentials via the login/huggingface route, which retrieves the server's Hugging Face access token using the huggingfacehub.gettok...
PYSEC-2026-63
Gradio is an open-source Python package designed for quick prototyping. Starting in version 4.16.0 and prior to version 6.6.0, Gradio applications running outside of Hugging Face Spaces automatically enable "mocked" OAuth routes when OAuth components e.g. gr.LoginButton are used. When a user visi...