CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/02/03 12:0 a.m.•4 views

CVE-2025-69971

5.5AI score0.02036EPSS

Exploits0References2

Positive Technologies•added 2026/02/03 12:0 a.m.•6 views

PT-2026-5979

Name of the Vulnerable Software and Affected Versions FUXA version 1.2.7 Description The application uses a hard-coded secret key to sign and verify JWT Tokens. This allows remote attackers to forge valid admin tokens and bypass authentication, potentially gaining full administrative access. The...

9.8CVSS5.5AI score0.02036EPSS

Exploits0References8

Cvelist•added 2026/02/03 12:0 a.m.•28 views

CVE-2025-69971

0.02036EPSS

EUVD•added 2026/02/03 12:0 a.m.•6 views

EUVD-2025-206717

5.5AI score0.02036EPSS

CVE•added 2026/02/03 12:0 a.m.•10 views

CVE-2025-69971

FUXA v1.2.7 contains a hard-coded secret in server/api/jwt-helper.js used to sign and verify JWTs, enabling remote attackers to forge admin tokens and bypass authentication to gain full administrative access. This is documented by multiple sources (NVD entry and the Nuclei template) and indicates...

9.8CVSS5.5AI score0.02036EPSS

Exploits0References1Affected Software1

NCSC•added 2026/02/02 9:47 a.m.•8 views

Vulnerabilities fixed in SolarWinds Web Help Desk

SolarWinds has fixed vulnerabilities in SolarWinds Web Help Desk. The vulnerabilities include the ability for unauthenticated attackers to gain access to limited functionality within the system, the use of hard-coded credentials that could grant unauthorized access to administrative functions, an...

9.8CVSS6.2AI score0.8413EPSS

Exploits6References6

RedhatCVE•added 2026/01/30 9:23 p.m.•5 views

CVE-2026-1610

A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is needed...

Tenable Nessus•added 2026/01/30 12:0 a.m.•9 views

Delta Electronics DIAView Hard-coded JWT Secret Key (CVE-2025-62581)

Binary data deltaelectronicsdiaviewcve-2025-62581.nbin...

9.8CVSS5.9AI score0.00525EPSS

Exploits0References2

NVD•added 2026/01/29 7:16 p.m.•6 views

CVE-2026-1610

9.2CVSS0.00673EPSS

OSV•added 2026/01/29 7:16 p.m.•3 views

CVE-2026-1610

8.1CVSS5.1AI score0.00673EPSS

Vulnrichment•added 2026/01/29 7:2 p.m.•4 views

CVE-2026-1610 Tenda AX12 Pro V2 Telnet Service hard-coded credentials

Cvelist•added 2026/01/29 7:2 p.m.•23 views

CVE-2026-1610 Tenda AX12 Pro V2 Telnet Service hard-coded credentials

9.2CVSS0.00673EPSS

EUVD•added 2026/01/29 7:2 p.m.•5 views

EUVD-2026-4968

ATTACKERKB•added 2026/01/29 7:2 p.m.•4 views

CVE-2026-1610

Exploits0References5Affected Software1

CVE•added 2026/01/29 7:2 p.m.•12 views

CVE-2026-1610

CVE-2026-1610 affects Tenda AX12 Pro V2 (firmware 16.03.49.24_cn). The Telnet Service contains a vulnerability that allows remote manipulation leading to hard-coded credentials. Exploitation is described as remote, with high complexity, and the exploit has been publicly disclosed. No remediation ...

Exploits0References5Affected Software1

The Hacker News•added 2026/01/29 9:0 a.m.•13 views

SolarWinds Fixes Four Critical Web Help Desk Flaws With Unauthenticated RCE and Auth Bypass

SolarWinds has released security updates to address multiple security vulnerabilities impacting SolarWinds Web Help Desk, including four critical vulnerabilities that could result in authentication bypass and remote code execution RCE. The list of vulnerabilities is as follows - CVE-2025-40536 CV...

9.8CVSS8.1AI score0.93159EPSS

Exploits12

Positive Technologies•added 2026/01/29 12:0 a.m.•11 views

PT-2026-5329

A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24 cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of complexity is neede...