8031 matches found
PT-2026-37646
Name of the Vulnerable Software and Affected Versions WatchGuard Agent versions prior to 1.25.03.0000 Description The use of a hard-coded cryptographic key in WatchGuard Agent on Windows allows for the inclusion of code in an existing process. Recommendations Update to version 1.25.03.0000 or lat...
PT-2026-38224
Name of the Vulnerable Software and Affected Versions PicoTronica e-Clinic Healthcare System ECHS version 5.7 Description A flaw in the file /cdemos/echs/priv/echs.js allows remote attackers to exploit hard-coded credentials through the manipulation of the ADMIN KEY argument. Recommendations...
PT-2026-38219
Name of the Vulnerable Software and Affected Versions Vvveb versions prior to 1.0.8.2 Description A hard-coded credentials issue exists in the docker-compose-apache.yaml configuration. This allows unauthenticated attackers to access the bundled phpMyAdmin container using pre-configured database...
WatchGuard Agent 安全漏洞
WatchGuard Agent is a terminal security protection and device management agent provided by the American company WatchGuard. Versions of WatchGuard Agent prior to 1.25.03.0000 contain security vulnerabilities. These vulnerabilities stem from the use of hard-coded encryption keys, which may lead to...
Use of Hard-coded Credentials
Overview ogham-mcp is a Shared memory MCP server — persistent, searchable, cross-client Affected versions of this package are vulnerable to Use of Hard-coded Credentials due to hardcoded credentials present in the source files, including development database URLs and an API key. An attacker can...
CVE-2026-7579
A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.16.0. This issue affects some unknown processing of the file astrbot/dashboard/routes/auth.py of the component Dashboard. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The...
Security Bulletin:WebSphere Application Server Liberty could provide weaker than expected security (CVE-2025-14923)
Summary WebSphere Application Server Liberty could provide weaker than expected security Vulnerability Details CVEID:CVE-2025-14923 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application Server Liberty could provide weaker than expected securit...
D-Link DIR-605L 信任管理问题漏洞
The D-Link DIR-605L is a wireless router produced by D-Link Corporation. The D-Link DIR-605L in the Hardware Revision A1 version has a trust management vulnerability. This vulnerability stems from a hard-coded telnet backdoor, which allows unauthorized attackers on the local network to obtain roo...
D-Link DIR-600L 信任管理问题漏洞
The D-Link DIR-600L is an entry-level wireless router from D-Link Corporation. It supports 150Mbps wireless transmission and has 4 Gigabit wired ports. The DIR-600L has a trust management vulnerability, which stems from a hard-coded telnet backdoor. This vulnerability could allow unauthenticated...
Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: batman-adv: fixed OOB read/write in network-coding decode. batadvncskbdecodepacket relies on codedlen and only checks against skb-len. The XOR operation starts at sizeofstruct batadvunicastpacket, which reduces the payload...
GHSA-MQ9Q-25HM-G4GP AstrBot Makes Use of Hard-coded Password
A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.16.0. This issue affects some unknown processing of the file astrbot/dashboard/routes/auth.py of the component Dashboard. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The...
AstrBot Makes Use of Hard-coded Password
A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.16.0. This issue affects some unknown processing of the file astrbot/dashboard/routes/auth.py of the component Dashboard. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The...
Use of Hard-coded Password
Overview AstrBot is a 易上手的多平台 LLM 聊天机器人及开发框架 Affected versions of this package are vulnerable to Use of Hard-coded Password in the Dashboard process due to the use of hard-coded credentials in astrbot/dashboard/routes/auth.py. An attacker can gain unauthorized access and potentially compromise...
CVE-2026-7579
A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.16.0. This issue affects some unknown processing of the file astrbot/dashboard/routes/auth.py of the component Dashboard. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The...
CVE-2026-7579 AstrBotDevs AstrBot Dashboard auth.py hard-coded credentials
A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.16.0. This issue affects some unknown processing of the file astrbot/dashboard/routes/auth.py of the component Dashboard. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The...
CVE-2026-7579 AstrBotDevs AstrBot Dashboard auth.py hard-coded credentials
A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.16.0. This issue affects some unknown processing of the file astrbot/dashboard/routes/auth.py of the component Dashboard. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The...
EUVD-2026-26498
A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.16.0. This issue affects some unknown processing of the file astrbot/dashboard/routes/auth.py of the component Dashboard. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The...
CVE-2026-7579
A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.16.0. This issue affects some unknown processing of the file astrbot/dashboard/routes/auth.py of the component Dashboard. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The...
CVE-2026-7579
The vulnerability CVE-2026-7579 affects AstrBotDevs AstrBot (Dashboard component), specifically in the file astrbot/dashboard/routes/auth.py where hard-coded credentials are manipulated. This issue can be exploited remotely, and exploitation has been disclosed publicly. Affected software version ...
AstrBot 安全漏洞
AstrBot is an open-source multi-platform LLM chatbot and development framework created by AstrBot. Versions of AstrBot 4.16.0 and earlier contain security vulnerabilities. These vulnerabilities stem from a hard-coded credential issue in the Dashboard component’s file...