Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8087 matches found

OSV
OSVadded 2026/02/03 6:16 p.m.1 views

CVE-2025-69971

FUXA v1.2.7 contains a hard-coded credential vulnerability in server/api/jwt-helper.js. The application uses a hard-coded secret key to sign and verify JWT Tokens. This allows remote attackers to forge valid admin tokens and bypass authentication to gain full administrative access...

9.8CVSS5.6AI score
Exploits0References1
EUVD
EUVDadded 2026/02/03 12:0 a.m.2 views

EUVD-2025-206717

FUXA v1.2.7 contains a hard-coded credential vulnerability in server/api/jwt-helper.js. The application uses a hard-coded secret key to sign and verify JWT Tokens. This allows remote attackers to forge valid admin tokens and bypass authentication to gain full administrative access...

5.5AI score0.04529EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/02/03 12:0 a.m.2 views

CVE-2025-69971

FUXA v1.2.7 contains a hard-coded credential vulnerability in server/api/jwt-helper.js. The application uses a hard-coded secret key to sign and verify JWT Tokens. This allows remote attackers to forge valid admin tokens and bypass authentication to gain full administrative access...

5.5AI score0.04529EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/02/03 12:0 a.m.3 views

CVE-2025-69971

FUXA v1.2.7 contains a hard-coded credential vulnerability in server/api/jwt-helper.js. The application uses a hard-coded secret key to sign and verify JWT Tokens. This allows remote attackers to forge valid admin tokens and bypass authentication to gain full administrative access...

5.5AI score0.04529EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/02/03 12:0 a.m.23 views

CVE-2025-69971

FUXA v1.2.7 contains a hard-coded credential vulnerability in server/api/jwt-helper.js. The application uses a hard-coded secret key to sign and verify JWT Tokens. This allows remote attackers to forge valid admin tokens and bypass authentication to gain full administrative access...

0.04529EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/02/03 12:0 a.m.3 views

PT-2026-5979

Name of the Vulnerable Software and Affected Versions FUXA version 1.2.7 Description The application uses a hard-coded secret key to sign and verify JWT Tokens. This allows remote attackers to forge valid admin tokens and bypass authentication, potentially gaining full administrative access. The...

9.8CVSS5.5AI score0.04529EPSS
Exploits0References8
CVE
CVEadded 2026/02/03 12:0 a.m.7 views

CVE-2025-69971

FUXA v1.2.7 contains a hard-coded secret in server/api/jwt-helper.js used to sign and verify JWTs, enabling remote attackers to forge admin tokens and bypass authentication to gain full administrative access. This is documented by multiple sources (NVD entry and the Nuclei template) and indicates...

9.8CVSS5.5AI score0.04529EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologiesadded 2026/02/03 12:0 a.m.2 views

PT-2026-6348

FUXA v1.2.7 contains a hard-coded credential vulnerability in server/api/jwt-helper.js. The application uses a hard-coded secret key to sign and verify JWT Tokens. This allows remote attackers to forge valid admin tokens and bypass authentication to gain full administrative access...

9.3CVSS5.6AI score0.04529EPSS
Exploits0References4
NCSC
NCSCadded 2026/02/02 9:47 a.m.5 views

Vulnerabilities fixed in SolarWinds Web Help Desk

SolarWinds has fixed vulnerabilities in SolarWinds Web Help Desk. The vulnerabilities include the ability for unauthenticated attackers to gain access to limited functionality within the system, the use of hard-coded credentials that could grant unauthorized access to administrative functions, an...

9.8CVSS6.2AI score0.86967EPSS
Exploits6References6
RedhatCVE
RedhatCVEadded 2026/01/30 9:23 p.m.4 views

CVE-2026-1610

A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...

9.2CVSS5.3AI score0.00053EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2026/01/30 12:0 a.m.4 views

Delta Electronics DIAView Hard-coded JWT Secret Key (CVE-2025-62581)

Binary data deltaelectronicsdiaviewcve-2025-62581.nbin...

9.8CVSS5.9AI score0.00026EPSS
Exploits0References2
OSV
OSVadded 2026/01/29 7:16 p.m.1 views

CVE-2026-1610

A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...

8.1CVSS5.1AI score
Exploits0References5
NVD
NVDadded 2026/01/29 7:16 p.m.4 views

CVE-2026-1610

A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...

9.2CVSS0.00053EPSS
Exploits0References5
CVE
CVEadded 2026/01/29 7:2 p.m.6 views

CVE-2026-1610

CVE-2026-1610 affects Tenda AX12 Pro V2 (firmware 16.03.49.24_cn). The Telnet Service contains a vulnerability that allows remote manipulation leading to hard-coded credentials. Exploitation is described as remote, with high complexity, and the exploit has been publicly disclosed. No remediation ...

9.2CVSS5.3AI score0.00053EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichmentadded 2026/01/29 7:2 p.m.3 views

CVE-2026-1610 Tenda AX12 Pro V2 Telnet Service hard-coded credentials

A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...

9.2CVSS5.3AI score0.00053EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/01/29 7:2 p.m.3 views

CVE-2026-1610

A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...

9.2CVSS5.3AI score0.00053EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2026/01/29 7:2 p.m.19 views

CVE-2026-1610 Tenda AX12 Pro V2 Telnet Service hard-coded credentials

A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...

9.2CVSS0.00053EPSS
Exploits0References5
EUVD
EUVDadded 2026/01/29 7:2 p.m.4 views

EUVD-2026-4968

A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...

9.2CVSS5.3AI score0.00053EPSS
Exploits0References5
The Hacker News
The Hacker Newsadded 2026/01/29 9:0 a.m.12 views

SolarWinds Fixes Four Critical Web Help Desk Flaws With Unauthenticated RCE and Auth Bypass

SolarWinds has released security updates to address multiple security vulnerabilities impacting SolarWinds Web Help Desk, including four critical vulnerabilities that could result in authentication bypass and remote code execution RCE. The list of vulnerabilities is as follows - CVE-2025-40536 CV...

9.8CVSS8.1AI score0.9429EPSS
Exploits12
CNNVD
CNNVDadded 2026/01/29 12:0 a.m.1 views

Tenda AX12 Pro Trust Management Vulnerability

The Tenda AX12 Pro is a router produced by the Chinese company Tenda. The Tenda AX12 Pro V2 16.03.49.24cn version has a vulnerability related to trust management. This vulnerability stems from hard-coded credentials in the Telnet Service...

9.2CVSS7.2AI score0.00053EPSS
Exploits0References6
Rows per page
Query Builder