Lucene search
K

1114 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/19 9:34 a.m.6 views

CVE-2026-31986

Use of Hard-coded Cryptographic Key vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...

5.8AI score0.00421EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/19 9:34 a.m.12 views

EUVD-2026-30873

Use of Hard-coded Cryptographic Key vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...

9.1CVSS5.8AI score0.00421EPSS
Exploits0References1
CVE
CVE
added 2026/05/19 9:34 a.m.29 views

CVE-2026-31986

CVE-2026-31986 affects Apache OFBiz up to version 24.09.05 (pre-24.09.06). The issue is described as a use of a hard-coded cryptographic key, enabling unauthenticated access/impact via default JWT signing key and widget/template injection per CVE listings. The root cause is tied to a hard-coded k...

9.1CVSS5.8AI score0.00421EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/19 1:58 a.m.11 views

CVE-2026-8739

A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the argument privatefilekey results in use of hard-coded...

6.9CVSS5.6AI score0.00281EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.12 views

PT-2026-41855

Name of the Vulnerable Software and Affected Versions Apache OFBiz versions prior to 24.09.06 Description Apache OFBiz contains a hard-coded cryptographic key. This flaw may allow remote attackers to gain unauthorized access, expose sensitive data, or tamper with application data. Recommendations...

9.1CVSS5.8AI score0.00421EPSS
Exploits0References7
NVD
NVD
added 2026/05/17 8:16 a.m.17 views

CVE-2026-8739

A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the argument privatefilekey results in use of hard-coded...

6.9CVSS0.00281EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/17 7:45 a.m.10 views

CVE-2026-8739

A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the argument privatefilekey results in use of hard-coded...

6.9CVSS5.8AI score0.00281EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/05/17 7:45 a.m.45 views

CVE-2026-8739 Sanluan PublicCMS SafeConfigComponent.java getSignKey hard-coded key

A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the argument privatefilekey results in use of hard-coded...

6.9CVSS0.00281EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/17 7:45 a.m.20 views

EUVD-2026-30687

A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the argument privatefilekey results in use of hard-coded...

6.9CVSS5.8AI score0.00281EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/17 7:45 a.m.12 views

CVE-2026-8739 Sanluan PublicCMS SafeConfigComponent.java getSignKey hard-coded key

A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the argument privatefilekey results in use of hard-coded...

6.9CVSS5.8AI score0.00281EPSS
Exploits0References4
CVE
CVE
added 2026/05/17 7:45 a.m.21 views

CVE-2026-8739

Sanluan PublicCMS 5.202506.d is affected by CVE-2026-8739 in SafeConfigComponent.getSignKey. Manipulating the privatefile_key argument leads to use of a hard-coded cryptographic key, enabling a remote attack. The exploit is public and may be used; vendor contact about disclosure was unresponsive....

6.9CVSS5.8AI score0.00281EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.12 views

PT-2026-41525

A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the argument privatefile key results in use of hard-coded...

6.9CVSS5.8AI score0.00281EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/14 7:58 p.m.10 views

CVE-2026-44278

A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.2, FortiClientWindows 7.2 all versions may allow attacker to information disclosure via...

5.5CVSS5.8AI score0.00097EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/13 6:30 p.m.10 views

EUVD-2026-29935

ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper the configuration file of the product, and a victim administrator may be tricked to use a crafted configuration file...

6.9CVSS6.6AI score0.00124EPSS
Exploits0References3
NVD
NVD
added 2026/05/13 1:16 p.m.12 views

CVE-2026-25107

ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper the configuration file of the product, and a victim administrator may be tricked to use a crafted configuration file...

6.9CVSS0.00124EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/13 12:1 p.m.6 views

CVE-2026-25107

ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper the configuration file of the product, and a victim administrator may be tricked to use a crafted configuration file...

6.9CVSS6.6AI score0.00124EPSS
Exploits0References3Affected Software13
CVE
CVE
added 2026/05/13 12:1 p.m.19 views

CVE-2026-25107

The CVE-2026-25107 entry concerns ELECOM wireless LAN access point devices that use a hard-coded cryptographic key when creating configuration backups. A knowledgeable attacker could tamper a product’s backup configuration file, and a victim administrator could be tricked into loading a crafted c...

6.9CVSS6.6AI score0.00124EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/13 12:1 p.m.9 views

CVE-2026-25107

ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper the configuration file of the product, and a victim administrator may be tricked to use a crafted configuration file...

6.9CVSS6.6AI score0.00124EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/13 12:1 p.m.73 views

CVE-2026-25107

ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper the configuration file of the product, and a victim administrator may be tricked to use a crafted configuration file...

6.9CVSS0.00124EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.10 views

PT-2026-40593

ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper the configuration file of the product, and a victim administrator may be tricked to use a crafted configuration file...

6.9CVSS6.6AI score0.00124EPSS
Exploits0References2
Rows per page
Query Builder