SolarWinds Web Help Desk Trust Management Vulnerability

SolarWinds Web Help Desk is a service desk and asset management software provided by the American company SolarWinds. This software supports centralized knowledge bases, IT asset management, project and task management functions, etc. There is a vulnerability related to trust management in...

CVE-2025-59095

The program libraries DLL and binaries used by exos 9300 contain multiple hard-coded secrets. One notable example is the function "EncryptAndDecrypt" in the library Kaba.EXOS.common.dll. This algorithm uses a simple XOR encryption technique combined with a cryptographic key cryptoKey to transform...

CVE-2025-59096

The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...

CVE-2026-22586

Hard-coded Cryptographic Key vulnerability in Salesforce Marketing Cloud Engagement CloudPages, Forward to a Friend, Profile Center, Subscription Center, Unsub Center, View As Webpage modules allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January...

CVE-2025-59096

The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...

CVE-2025-59096

CVE-2025-59096 describes a weak default password in dormakaba Kaba exos 9300 (U9ExosAdmin.exe, extended admin mode). Root cause: hard-coded default password present in multiple locations and in local user docs. Impact (per provided data): local attacker with HIGH privileges and LOCAL access could...

EUVD-2025-206360

The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...

CVE-2025-59096 Weak Default Password in dormakaba Kaba exos 9300

The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...

CVE-2025-59096

The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...

CVE-2025-59095

The program libraries DLL and binaries used by exos 9300 contain multiple hard-coded secrets. One notable example is the function "EncryptAndDecrypt" in the library Kaba.EXOS.common.dll. This algorithm uses a simple XOR encryption technique combined with a cryptographic key cryptoKey to transform...

CVE-2025-59095 Hard-coded Key for PIN Encryption in dormakaba Kaba exos 9300

The program libraries DLL and binaries used by exos 9300 contain multiple hard-coded secrets. One notable example is the function "EncryptAndDecrypt" in the library Kaba.EXOS.common.dll. This algorithm uses a simple XOR encryption technique combined with a cryptographic key cryptoKey to transform...

CVE-2025-59095

CVE-2025-59095 affects dormakaba Kaba exos 9300 software. Public descriptions in multiple sources indicate that DLLs/binaries (notably Kaba.EXOS.common.dll) use a hard-coded, static cryptoKey with a simple XOR-based encrypt/decrypt routine to process user PINs before storing them in MSSQL. The ro...

CVE-2025-59095 Hard-coded Key for PIN Encryption in dormakaba Kaba exos 9300

The program libraries DLL and binaries used by exos 9300 contain multiple hard-coded secrets. One notable example is the function "EncryptAndDecrypt" in the library Kaba.EXOS.common.dll. This algorithm uses a simple XOR encryption technique combined with a cryptographic key cryptoKey to transform...

PT-2026-4746

The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...

Dormakaba Access Manager security vulnerabilities

The Dormakaba Access Manager is a smart hardware controller developed by the Dormakaba company in the United States. There are security vulnerabilities in the Dormakaba Access Manager 92xx K7 version. These vulnerabilities stem from hard-coded weak passwords in the SSH service, which may allow...

CVE-2026-22586

Hard-coded Cryptographic Key vulnerability in Salesforce Marketing Cloud Engagement CloudPages, Forward to a Friend, Profile Center, Subscription Center, Unsub Center, View As Webpage modules allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January...

CVE-2026-22586

Hard-coded Cryptographic Key vulnerability in Salesforce Marketing Cloud Engagement CloudPages, Forward to a Friend, Profile Center, Subscription Center, Unsub Center, View As Webpage modules allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January...

CVE-2026-22586

Hard-coded Cryptographic Key vulnerability in Salesforce Marketing Cloud Engagement CloudPages, Forward to a Friend, Profile Center, Subscription Center, Unsub Center, View As Webpage modules allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January...

CVE-2026-22586

Hard-coded Cryptographic Key vulnerability in Salesforce Marketing Cloud Engagement CloudPages, Forward to a Friend, Profile Center, Subscription Center, Unsub Center, View As Webpage modules allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January...

CVE-2026-22586

The CVE-2026-22586 entry concerns Salesforce Marketing Cloud Engagement, specifically modules such as CloudPages, Forward to a Friend, Profile Center, Subscription Center, Unsub Center, and View As Webpage. The root cause is a hard-coded cryptographic key that enables Web Services Protocol Manipu...