CVE-2026-1958 Hard-coded passwords in KlinikaXP

Use of hard-coded credentials in Klinika XP and KlinikaXP Insertino allowed an unauthorized attacker access to several internal services. Critically, this included access to the FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious...

CVE-2026-1958

CVE-2026-1958 describes hard-coded credentials in KlinikaXP and KlinikaXP Insertino, enabling an unauthorized attacker to access internal services, notably the FTP server hosting update packages. The root cause is credentials embedded in the application, with exploitation potentially leading to u...

CVE-2026-1958

Use of hard-coded credentials in Klinika XP and KlinikaXP Insertino allowed an unauthorized attacker access to several internal services. Critically, this included access to the FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious...

PT-2026-27124

A vulnerability was determined in kalcaddle kodbox 1.64. Impacted is the function shareSafeGroup of the file /workspace/source-code/app/controller/explorer/shareOut.class.php of the component Site-level API key Handler. This manipulation of the argument sk causes use of hard-coded cryptographic k...

PT-2026-27137

Name of the Vulnerable Software and Affected Versions GoHarbor versions prior to 2.15.0 Description The use of hard-coded credentials in GoHarbor allows attackers to use the default password and gain access to the web user interface. Recommendations Update GoHarbor to version 2.15.0 or later...

TP-Link多款产品 安全漏洞

TP-LINK Archer is a series of routers produced by TP-LINK Corporation. Several TP-Link products have security vulnerabilities. These vulnerabilities stem from hard-coded encryption keys in the configuration mechanism, which may allow authenticated attackers to decrypt configuration files, modify...

PT-2026-27121

Name of the Vulnerable Software and Affected Versions KlinikaXP versions prior to 5.39.01.01 KlinikaXP Insertino versions prior to 3.1.0.1 Description The use of hard-coded credentials in KlinikaXP and KlinikaXP Insertino allowed an unauthorized attacker access to internal services, including the...

EUVD-2026-13720

A use of hard-coded credentials vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to gain unauthorized access. We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.5.0906 and later...

CVE-2026-22900

A use of hard-coded credentials vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to gain unauthorized access. We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.5.0906 and later...

CVE-2026-22900

A use of hard-coded credentials vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to gain unauthorized access. We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.5.0906 and later...

CVE-2026-22900

CVE-2026-22900 details (QuNetSwitch) : A use of hard-coded credentials vulnerability affects QuNetSwitch, enabling remote attackers to gain unauthorized access. The issue is rated CVSSv4 base score 8.8 (HIGH) with NETWORK attack vector, LOW attack complexity, no privileges required, and no user i...

CVE-2026-22900 QuNetSwitch

A use of hard-coded credentials vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to gain unauthorized access. We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.5.0906 and later...

CVE-2026-22900 QuNetSwitch

A use of hard-coded credentials vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to gain unauthorized access. We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.5.0906 and later...

EUVD-2026-13591

A vulnerability has been found in Yi Technology YI Home Camera 2 2.1.120171024151200. The affected element is an unknown function of the file home/web/ipc. Such manipulation leads to hard-coded credentials. Access to the local network is required for this attack to succeed. The exploit has been...

EUVD-2026-13600

A vulnerability was determined in Yi Technology YI Home Camera 2 2.1.120171024151200. This affects an unknown function of the component WPA/WPS. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack can only be done within the local network. This attack is...

CVE-2026-4477

A vulnerability was determined in Yi Technology YI Home Camera 2 2.1.120171024151200. This affects an unknown function of the component WPA/WPS. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack can only be done within the local network. This attack is...

CVE-2026-4475

A vulnerability has been found in Yi Technology YI Home Camera 2 2.1.120171024151200. The affected element is an unknown function of the file home/web/ipc. Such manipulation leads to hard-coded credentials. Access to the local network is required for this attack to succeed. The exploit has been...

CVE-2026-4477 Yi Technology YI Home Camera WPA/WPS hard-coded key

A vulnerability was determined in Yi Technology YI Home Camera 2 2.1.120171024151200. This affects an unknown function of the component WPA/WPS. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack can only be done within the local network. This attack is...

CVE-2026-4477

A vulnerability was determined in Yi Technology YI Home Camera 2 2.1.120171024151200. This affects an unknown function of the component WPA/WPS. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack can only be done within the local network. This attack is...

CVE-2026-4477 Yi Technology YI Home Camera WPA/WPS hard-coded key

A vulnerability was determined in Yi Technology YI Home Camera 2 2.1.120171024151200. This affects an unknown function of the component WPA/WPS. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack can only be done within the local network. This attack is...