CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2026/03/12 12:0 a.m.•5 views

Trane多款产品安全漏洞

9.8CVSS5.8AI score0.00266EPSS

Positive Technologies•added 2026/03/12 12:0 a.m.•5 views

PT-2026-24904

🚨 CVE-2025-59388 A use of hard-coded password vulnerability has been reported to affect Hyper Data Protector. The remote attackers can then exploit the vulnerability to gain unauthorized access. We have already fixed the vulnerability in the following version: Hyper Data Protector 2.3.1.455 and...

9.8CVSS5.8AI score0.00474EPSS

Exploits0References9

Positive Technologies•added 2026/03/12 12:0 a.m.•5 views

PT-2026-25029

A Use of Hard-coded, Security-relevant Constants vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to disclose sensitive information and take over accounts...

6.9CVSS5.7AI score0.00266EPSS

Positive Technologies•added 2026/03/12 12:0 a.m.•5 views

PT-2026-25028

A Use of Hard-coded Credentials vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to disclose sensitive information and take over accounts...

8.2CVSS5.7AI score0.00288EPSS

Tenable Nessus•added 2026/03/12 12:0 a.m.•5 views

EcoStruxure IT Data Center Expert <= 9.0 Use of Hard-coded Credentials (SEVD-2026-069-05)

The version of EcoStruxure IT Data Center Expert installed on the remote host is 9.0 or prior. It is, therefore, affected by a vulnerability as referenced in the SEVD-2026-069-05 advisory. - Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code...

7.5CVSS6.3AI score0.00679EPSS

NVD•added 2026/03/11 11:16 p.m.•7 views

CVE-2026-3963

6.3CVSS0.00355EPSS

Cvelist•added 2026/03/11 11:2 p.m.•32 views

CVE-2026-3963 perfree go-fastdfs-web Apache Shiro RememberMe ShiroConfig.java rememberMeManager hard-coded key

6.3CVSS0.00355EPSS

ATTACKERKB•added 2026/03/11 11:2 p.m.•3 views

CVE-2026-3963

6.3CVSS5.1AI score0.00355EPSS

Exploits0References4Affected Software1

CVE•added 2026/03/11 11:2 p.m.•16 views

CVE-2026-3963

The CVE-2026-3963 entry describes a vulnerability in perfree go-fastdfs-web (up to version 1.3.7) affecting the RememberMe functionality of Apache Shiro, specifically rememberMeManager in ShiroConfig.java. The root cause is the use of a hard-coded cryptographic key, enabling remote manipulation. ...

6.3CVSS5.1AI score0.00355EPSS

EUVD•added 2026/03/11 9:31 p.m.•6 views

EUVD-2025-208601

An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master...

5.8AI score0.00445EPSS

NVD•added 2026/03/11 9:16 p.m.•3 views

CVE-2025-70041

An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master...

9.8CVSS0.00445EPSS

Exploits0References3

RedhatCVE•added 2026/03/11 1:19 p.m.•5 views

CVE-2025-13957

CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default...

7.5CVSS6.3AI score0.00679EPSS

RedhatCVE•added 2026/03/11 7:8 a.m.•3 views

CVE-2026-29023

Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...

7.3CVSS5.7AI score0.00243EPSS

EUVD•added 2026/03/11 6:31 a.m.•3 views

EUVD-2026-11091

Use of hard-coded credentials issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to obtain administrative access...

9.8CVSS7.3AI score0.00392EPSS

Exploits0References3

NVD•added 2026/03/11 6:17 a.m.•5 views

CVE-2026-24448

Use of hard-coded credentials issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to obtain administrative access...

9.8CVSS0.00392EPSS