CVE-2026-27073 WordPress Addi – Cuotas que se adaptan a ti plugin <= 2.0.4 - Broken Authentication vulnerability

Use of Hard-coded Credentials vulnerability in Addi Addi Cuotas que se adaptan a ti buy-now-pay-later-addi allows Password Recovery Exploitation.This issue affects Addi Cuotas que se adaptan a ti: from n/a through = 2.0.4...

CVE-2026-27073

CVE-2026-27073 is a WordPress plugin issue affecting Addi – Cuotas que se adaptan a ti, 2.0.4. The available connected sources do not provide explicit exploit details or in-the-wild activity beyond the vulnerability description and fixes. If you use this plugin, prioritize upgrading to a non-vul...

SUSE CVE-2026-4404

Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI...

IBM Concert 信任管理问题漏洞

IBM Concert is an enterprise-class collaboration and project management software from IBM. A security vulnerability exists in IBM Concert versions 1.0.0 through 2.2.0 that stems from fixed authentication information embedded in the software. An attacker could exploit the vulnerability to obtain...

PT-2026-28093

IBM Concert 1.0.0 through 2.2.0 contains hard-coded credentials that could be obtained by a local user...

PT-2026-27973

Name of the Vulnerable Software and Affected Versions Addi – Cuotas que se adaptan a ti versions n/a through 2.0.4 Description A flaw exists in Addi – Cuotas que se adaptan a ti buy-now-pay-later-addi that allows for exploitation of the password recovery function due to the use of hard-coded...

EUVD-2026-14427

A vulnerability was determined in kalcaddle kodbox 1.64. Impacted is the function shareSafeGroup of the file /workspace/source-code/app/controller/explorer/shareOut.class.php of the component Site-level API key Handler. This manipulation of the argument sk causes use of hard-coded cryptographic k...

EUVD-2026-14411

Use of hard-coded credentials in Klinika XP and KlinikaXP Insertino allowed an unauthorized attacker access to several internal services. Critically, this included access to the FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious...

Harbor allows the use of the default password for web UI login

Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI...

GHSA-HJ7X-HMF2-HC2P Harbor allows the use of the default password for web UI login

Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI...

CVE-2026-4404

Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI...

CVE-2026-4404

CVE-2026-4404 affects Harbor

CVE-2026-4404 Use of hard coded credentials in GoHarbor Harbor

Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI...

CVE-2026-4404

Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI...

CVE-2026-4588

A vulnerability was determined in kalcaddle kodbox 1.64. Impacted is the function shareSafeGroup of the file /workspace/source-code/app/controller/explorer/shareOut.class.php of the component Site-level API key Handler. This manipulation of the argument sk causes use of hard-coded cryptographic k...

CVE-2026-1958

Use of hard-coded credentials in Klinika XP and KlinikaXP Insertino allowed an unauthorized attacker access to several internal services. Critically, this included access to the FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious...

CVE-2026-4588

A vulnerability was determined in kalcaddle kodbox 1.64. Impacted is the function shareSafeGroup of the file /workspace/source-code/app/controller/explorer/shareOut.class.php of the component Site-level API key Handler. This manipulation of the argument sk causes use of hard-coded cryptographic k...

CVE-2026-4588

The CVE affects kalcaddle kodbox 1.64, specifically the Site-level API key Handler via the function shareSafeGroup in /workspace/source-code/app/controller/explorer/shareOut.class.php. The root cause is manipulation of the argument sk which leads to the use of a hard-coded cryptographic key. The ...

CVE-2026-4588 kalcaddle kodbox Site-level API key shareOut.class.php shareSafeGroup hard-coded key

A vulnerability was determined in kalcaddle kodbox 1.64. Impacted is the function shareSafeGroup of the file /workspace/source-code/app/controller/explorer/shareOut.class.php of the component Site-level API key Handler. This manipulation of the argument sk causes use of hard-coded cryptographic k...

CVE-2026-1958 Hard-coded passwords in KlinikaXP

Use of hard-coded credentials in Klinika XP and KlinikaXP Insertino allowed an unauthorized attacker access to several internal services. Critically, this included access to the FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious...