Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3038 matches found

RedhatCVE
RedhatCVEadded 2026/01/29 9:24 a.m.4 views

CVE-2025-40537

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

7.5CVSS5.8AI score0.00534EPSS
Exploits0References1
GithubExploit
GithubExploitadded 2026/01/29 5:6 a.m.449 views

xtream-ui-security-audit

🔐 Xtream UI Security Audit & Exploitation Framework !Python...

6AI score
Exploits0
RedhatCVE
RedhatCVEadded 2026/01/29 3:26 a.m.6 views

CVE-2026-24840

Dokploy is a free, self-hostable Platform as a Service PaaS. In versions prior to 0.26.6, a hardcoded credential in the provided installation script located at https://dokploy.com/install.sh, line 154 uses a hardcoded password when creating the database container. This means that nearly all Dokpl...

8.8CVSS5.9AI score0.00334EPSS
Exploits1References1
OSV
OSVadded 2026/01/28 8:16 a.m.5 views

CVE-2025-40537

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

7.5CVSS5.7AI score0.00534EPSS
Exploits0References2
NVD
NVDadded 2026/01/28 8:16 a.m.7 views

CVE-2025-40537

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

7.5CVSS0.00534EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/01/28 7:31 a.m.26 views

CVE-2025-40537 SolarWinds Web Help Desk Hardcoded Credentials Vulnerability

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

7.5CVSS0.00534EPSS
Exploits0References2
EUVD
EUVDadded 2026/01/28 7:31 a.m.5 views

EUVD-2025-206422

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

7.5CVSS5.8AI score0.00534EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/01/28 7:31 a.m.2 views

CVE-2025-40537 SolarWinds Web Help Desk Hardcoded Credentials Vulnerability

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

7.5CVSS5.8AI score0.00534EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/01/28 7:31 a.m.6 views

CVE-2025-40537

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions...

7.5CVSS5.8AI score0.00534EPSS
Exploits0References3
CVE
CVEadded 2026/01/28 7:31 a.m.20 views

CVE-2025-40537

SolarWinds Web Help Desk (WHD) is affected by CVE-2025-40537, a hard-coded credentials vulnerability that could allow access to administrative functions. The issue is addressed in WHD version 2026.1 (fixes for multiple WHD flaws, including 40537). The CVE is discussed alongside related WHD flaws ...

7.5CVSS5.8AI score0.00534EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2026/01/28 12:15 a.m.35 views

CVE-2026-24840 Dokploy uses hardcoded credentials in installation script, which could result in database access

Dokploy is a free, self-hostable Platform as a Service PaaS. In versions prior to 0.26.6, a hardcoded credential in the provided installation script located at https://dokploy.com/install.sh, line 154 uses a hardcoded password when creating the database container. This means that nearly all Dokpl...

8CVSS0.00334EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2026/01/28 12:15 a.m.4 views

CVE-2026-24840 Dokploy uses hardcoded credentials in installation script, which could result in database access

Dokploy is a free, self-hostable Platform as a Service PaaS. In versions prior to 0.26.6, a hardcoded credential in the provided installation script located at https://dokploy.com/install.sh, line 154 uses a hardcoded password when creating the database container. This means that nearly all Dokpl...

8CVSS5.9AI score0.00334EPSS
Exploits1References2
CVE
CVEadded 2026/01/28 12:15 a.m.16 views

CVE-2026-24840

CVE-2026-24840 affects Dokploy PaaS. In versions prior to 0.26.6, the installation script at install.sh contains a hardcoded database credential (line 154), causing nearly all deployments to share the same password and enabling potential compromise of the database container. Red Hat/NVD/CVE listi...

8.8CVSS5.9AI score0.00334EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologiesadded 2026/01/28 12:0 a.m.7 views

PT-2026-5072

Name of the Vulnerable Software and Affected Versions SolarWinds Web Help Desk versions prior to 12.8.1 Description SolarWinds Web Help Desk is susceptible to a hardcoded credentials issue that, in certain scenarios, could allow access to administrative functions. Attackers can identify exposed...

7.5CVSS5.6AI score0.00534EPSS
Exploits0References15
RedhatCVE
RedhatCVEadded 2026/01/27 3:23 p.m.4 views

CVE-2025-59091

Multiple hardcoded credentials have been identified, which are allowed to sign-in to the exos 9300 datapoint server running on port 1004 and 1005. This server is used for relaying status information from and to the Access Managers. This information, among other things, is used to graphically...

9.3CVSS6AI score0.00759EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/27 3:23 p.m.8 views

CVE-2025-59103

The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions. In this new hardware revision it was noticed that an SSH service is exposed on port 22. By analyzing the firmware of the devices, it was noticed that there are two users...

9.2CVSS5.8AI score0.00403EPSS
Exploits0References1
NVD
NVDadded 2026/01/26 10:16 a.m.5 views

CVE-2025-59091

Multiple hardcoded credentials have been identified, which are allowed to sign-in to the exos 9300 datapoint server running on port 1004 and 1005. This server is used for relaying status information from and to the Access Managers. This information, among other things, is used to graphically...

9.3CVSS0.00759EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/01/26 10:3 a.m.29 views

CVE-2025-59091 Hardcoded Legacy Accounts Allowing Control Over Access Managers in dormakaba Kaba exos 9300

Multiple hardcoded credentials have been identified, which are allowed to sign-in to the exos 9300 datapoint server running on port 1004 and 1005. This server is used for relaying status information from and to the Access Managers. This information, among other things, is used to graphically...

9.3CVSS0.00759EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/01/26 10:3 a.m.2 views

CVE-2025-59091 Hardcoded Legacy Accounts Allowing Control Over Access Managers in dormakaba Kaba exos 9300

Multiple hardcoded credentials have been identified, which are allowed to sign-in to the exos 9300 datapoint server running on port 1004 and 1005. This server is used for relaying status information from and to the Access Managers. This information, among other things, is used to graphically...

9.3CVSS6AI score0.00759EPSS
Exploits0References3
EUVD
EUVDadded 2026/01/26 10:3 a.m.6 views

EUVD-2025-206352

Multiple hardcoded credentials have been identified, which are allowed to sign-in to the exos 9300 datapoint server running on port 1004 and 1005. This server is used for relaying status information from and to the Access Managers. This information, among other things, is used to graphically...

9.3CVSS6AI score0.00759EPSS
Exploits0References3
Rows per page
Query Builder