CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/02/02 5:16 a.m.•3 views

CVE-2026-25202

The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1...

9.8CVSS0.00437EPSS

Cvelist•added 2026/02/02 4:49 a.m.•25 views

CVE-2026-25202

The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1...

9.8CVSS0.00437EPSS

EUVD•added 2026/02/02 4:49 a.m.•4 views

EUVD-2026-5093

The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1...

9.8CVSS5.3AI score0.00437EPSS

ATTACKERKB•added 2026/02/02 4:49 a.m.•2 views

CVE-2026-25202

The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1...

9.8CVSS5.9AI score0.00437EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2026/02/02 4:49 a.m.•3 views

CVE-2026-25202

The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1...

9.8CVSS5.3AI score0.00437EPSS

CVE•added 2026/02/02 4:49 a.m.•12 views

CVE-2026-25202

The CVE-2026-25202 issue affects Samsung MagicINFO 9 Server prior to version 21.1090.1. The vulnerability arises from hard-coded database credentials (account and password), permitting login to the database and potential manipulation of data, with impact to confidentiality and integrity (as descr...

9.8CVSS5.9AI score0.00437EPSS

Exploits1References1Affected Software1

CNNVD•added 2026/02/02 12:0 a.m.•3 views

SAMSUNG MagicINFO 9 Server 安全漏洞

SAMSUNG MagicINFO 9 Server is an enterprise-level digital signage content management and device monitoring platform developed by South Korean company Samsung. Previous versions of SAMSUNG MagicINFO 9 Server, such as 21.1090.1, contained security vulnerabilities. These vulnerabilities stemmed from...

9.8CVSS5.8AI score0.00437EPSS

Exploits1References2

Positive Technologies•added 2026/02/02 12:0 a.m.•5 views

PT-2026-5607

Name of the Vulnerable Software and Affected Versions MagicINFO 9 Server versions prior to 21.1090.1 Description The database account and password are hardcoded, which allows login with the account to manipulate the database. This compromises the integrity and confidentiality of the database...

10CVSS5.4AI score0.00437EPSS

Exploits1References12

RedhatCVE•added 2026/01/29 9:24 a.m.•4 views

CVE-2025-40537

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

GithubExploit•added 2026/01/29 5:6 a.m.•436 views

Exploits0References1

xtream-ui-security-audit

🔐 Xtream UI Security Audit & Exploitation Framework !Python...

6AI score

Exploits0

RedhatCVE•added 2026/01/29 3:26 a.m.•5 views

CVE-2026-24840

Dokploy is a free, self-hostable Platform as a Service PaaS. In versions prior to 0.26.6, a hardcoded credential in the provided installation script located at https://dokploy.com/install.sh, line 154 uses a hardcoded password when creating the database container. This means that nearly all Dokpl...

8.8CVSS5.9AI score0.00334EPSS

OSV•added 2026/01/28 8:16 a.m.•4 views

CVE-2025-40537

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

7.5CVSS5.7AI score0.00534EPSS

NVD•added 2026/01/28 8:16 a.m.•5 views

CVE-2025-40537

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

7.5CVSS0.00534EPSS

Cvelist•added 2026/01/28 7:31 a.m.•26 views

CVE-2025-40537 SolarWinds Web Help Desk Hardcoded Credentials Vulnerability

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

7.5CVSS0.00534EPSS

EUVD•added 2026/01/28 7:31 a.m.•4 views

EUVD-2025-206422

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

Vulnrichment•added 2026/01/28 7:31 a.m.•2 views

CVE-2025-40537 SolarWinds Web Help Desk Hardcoded Credentials Vulnerability

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

ATTACKERKB•added 2026/01/28 7:31 a.m.•6 views

CVE-2025-40537

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

CVE•added 2026/01/28 7:31 a.m.•18 views

Exploits0References3

CVE-2025-40537

SolarWinds Web Help Desk (WHD) is affected by CVE-2025-40537, a hard-coded credentials vulnerability that could allow access to administrative functions. The issue is addressed in WHD version 2026.1 (fixes for multiple WHD flaws, including 40537). The CVE is discussed alongside related WHD flaws ...