Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8068 matches found

CVE
CVEadded 2026/03/11 5:25 a.m.11 views

CVE-2026-24448

CVE-2026-24448 describes a hard-coded credentials issue affecting MR-GM5L-S1 and MR-GM5A-L1, enabling an attacker to obtain administrative access via a network vector. The provided metrics indicate Critical impact across confidentiality, integrity, and availability, with CVSS v3.0/4.0 scores of 9...

9.8CVSS7.3AI score0.00392EPSS
Exploits0References2
Snyk
Snykadded 2026/03/11 12:37 a.m.2 views

Use of Hard-coded Credentials

Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials in the JWKS resolver, which can be exposed if a fetch operation fails. An attacker can obtain private keys by forcing such a failure. Note: The keys are exposed even if RequestAuthentication is in use...

8.7CVSS5.8AI score0.00279EPSS
Exploits0References2
Snyk
Snykadded 2026/03/11 12:37 a.m.3 views

Use of Hard-coded Credentials

Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials in the JWKS resolver, which can be exposed if a fetch operation fails. An attacker can obtain private keys by forcing such a failure. Note: The keys are exposed even if RequestAuthentication is in use...

8.7CVSS5.8AI score0.00279EPSS
Exploits0References2
Snyk
Snykadded 2026/03/11 12:37 a.m.3 views

Use of Hard-coded Credentials

Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials in the JWKS resolver, which can be exposed if a fetch operation fails. An attacker can obtain private keys by forcing such a failure. Note: The keys are exposed even if RequestAuthentication is in use...

8.7CVSS5.8AI score0.00279EPSS
Exploits0References2
Snyk
Snykadded 2026/03/11 12:37 a.m.4 views

Use of Hard-coded Credentials

Overview Affected versions of this package are vulnerable to Use of Hard-coded Credentials in the JWKS resolver, which can be exposed if a fetch operation fails. An attacker can obtain private keys by forcing such a failure. Note: The keys are exposed even if RequestAuthentication is in use...

8.7CVSS5.8AI score0.00279EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/03/11 12:0 a.m.4 views

PT-2026-24894

A security flaw has been discovered in perfree go-fastdfs-web up to 1.3.7. This affects the function rememberMeManager of the file src/main/java/com/perfree/config/ShiroConfig.java of the component Apache Shiro RememberMe. Performing a manipulation results in use of hard-coded cryptographic key...

6.3CVSS5.1AI score0.00355EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/03/11 12:0 a.m.27 views

CVE-2025-70041

An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master...

0.00445EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/03/11 12:0 a.m.1 views

CVE-2025-70041

An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master...

5.8AI score0.00445EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/03/11 12:0 a.m.4 views

ThermaKube 安全漏洞

ThermaKube is a Kubernetes cluster monitoring and visualization tool released as a beta version by Open Source Labs. There is a security vulnerability in ThermaKube, which stems from the use of hard-coded passwords...

9.8CVSS5.8AI score0.00445EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/03/11 12:0 a.m.5 views

PT-2026-24828

Name of the Vulnerable Software and Affected Versions oslabs-beta ThermaKube master affected versions not specified Description The software contains a hard-coded password. This relates to CWE-259, which involves the use of passwords directly embedded within the code. Recommendations At the momen...

9.8CVSS5.8AI score0.00445EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2026/03/11 12:0 a.m.4 views

PT-2026-24578

Name of the Vulnerable Software and Affected Versions MR-GM5L-S1 MR-GM5A-L1 Description A hard-coded credentials issue exists in the software, potentially allowing an attacker to gain administrative access. Recommendations At the moment, there is no information about a newer version that contains...

9.8CVSS7.3AI score0.00392EPSS
Exploits0References9
ATTACKERKB
ATTACKERKBadded 2026/03/11 12:0 a.m.4 views

CVE-2025-70041

An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master...

5.8AI score0.00445EPSS
Exploits0References4
CVE
CVEadded 2026/03/11 12:0 a.m.6 views

CVE-2025-70041

Technical details are not publicly available in the provided documents for CVE-2025-70041; monitor for updates.

9.8CVSS5.8AI score0.00445EPSS
Exploits0References3
EUVD
EUVDadded 2026/03/10 6:31 p.m.5 views

EUVD-2025-208473

CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default...

7.5CVSS6.3AI score0.00679EPSS
Exploits0References2
EUVD
EUVDadded 2026/03/10 6:31 p.m.4 views

EUVD-2025-208474

CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default...

7.5CVSS6.3AI score0.00679EPSS
Exploits0References2
NVD
NVDadded 2026/03/10 6:17 p.m.4 views

CVE-2025-13957

CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default...

7.5CVSS0.00679EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/03/10 12:19 p.m.23 views

CVE-2025-13957

CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default...

7.5CVSS0.00679EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/03/10 12:19 p.m.5 views

CVE-2025-13957

CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default...

7.5CVSS6.3AI score0.00679EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2026/03/10 12:19 p.m.16 views

CVE-2025-13957

Summary: CVE-2025-13957 is a CWE-798 vulnerability involving hard-coded credentials that could lead to information disclosure and remote code execution when SOCKS Proxy is enabled, if administrator and PostgreSQL credentials are known. The issue is associated with Schneider Electric EcoStruxure I...

7.5CVSS6.3AI score0.00679EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/03/10 12:19 p.m.2 views

CVE-2025-13957

CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default...

7.5CVSS6.3AI score0.00679EPSS
Exploits0References1
Rows per page
Query Builder