Lucene search
+L

201 matches found

nuclei
nuclei
added yesterday52 views

D-Tale 3.10.0 - 3.15.1 - Authentication Bypass & Remote Code Execution

man-group/dtale 3.10.0 contains an authentication bypass and remote code execution caused by improper input validation and a hardcoded SECRETKEY in Flask configuration, letting attackers forge session cookies and execute arbitrary code, exploit requires attacker to access the application. id:...

9.8CVSS7.5AI score0.77803EPSS
Exploits5References2
nvd
nvd
added 2 days ago7 views

CVE-2026-49352

9Router is an AI router & token saver. From 0.2.21 until 0.4.44, 9Router used the hardcoded fallback JWT secret 9router-default-secret-change-me in src/app/api/auth/login/route.js, src/middleware.js, and later src/lib/auth/dashboardSession.js, allowing attackers to forge an authtoken cookie when...

9.8CVSS0.00601EPSS
Exploits1References3
cve
cve
added 2 days ago42 views

CVE-2026-49352

CVE-2026-49352 affects 9router, a Node.js/Next.js AI router. The vulnerability stems from a hardcoded fallback JWT secret, implemented as the public string 9router-default-secret-change-me, used when JWT_SECRET is unset in multiple files. An attacker can forge a valid auth_token cookie and gain a...

9.8CVSS6.1AI score0.00601EPSS
Exploits1References3
cvelist
cvelist
added 2 days ago34 views

CVE-2026-49352 9Router: Hardcoded Default fallback JWT Secret Allows Authentication Bypass

9Router is an AI router & token saver. From 0.2.21 until 0.4.44, 9Router used the hardcoded fallback JWT secret 9router-default-secret-change-me in src/app/api/auth/login/route.js, src/middleware.js, and later src/lib/auth/dashboardSession.js, allowing attackers to forge an authtoken cookie when...

9.8CVSS0.00601EPSS
Exploits1References3
cve
cve
added 2 days ago9 views

CVE-2026-61740

LightRAG vulnerability CVE-2026-61740 affects LightRAG prior to v1.5.4. When LIGHTRAG_API_KEY is set but AUTH_ACCOUNTS is unset, authentication protection can be bypassed: lightrag/api/auth.py falls back to a hardcoded DEFAULT_TOKEN_SECRET, /auth-status and /login can mint guest JWTs, and combine...

9.3CVSS6.1AI score0.00381EPSS
Exploits0References4
cvelist
cvelist
added 2026/07/07 8:33 p.m.34 views

CVE-2026-57172 DataEase: Hardcoded JWT Signing Secret in ShareLink

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, ShareSecretManage uses a hardcoded default share link signature key, allowing an attacker who can obtain a passwordless share for a resource and user to use the known key link-pwd-fit2cloud to forge linkToken JWTs,...

8.3CVSS0.00289EPSS
Exploits0References2
cve
cve
added 2026/07/07 8:33 p.m.14 views

CVE-2026-57172

DataEase prior to 2.10.24 is affected by a hardcoded default share link signature key in ShareSecretManage. An attacker who can obtain a passwordless share for a resource and user can use the known key to forge linkToken JWTs (link-pwd-fit2cloud), bypass TokenFilter verification, and access backe...

8.3CVSS5.9AI score0.00289EPSS
Exploits0References2
osv
osv
added 2026/07/07 4:3 p.m.7 views

PYSEC-2026-1192 arcade-mcp-server Has Default Hardcoded Worker Secret That Allows Full Unauthorized Access to All HTTP MCP Worker Endpoints

Summary The arcade-mcp HTTP server uses a hardcoded default worker secret "dev" that is never validated or overridden during normal server startup. As a result, any unauthenticated attacker who knows this default key can forge valid JWTs and fully bypass the FastAPI authentication layer. This...

6.5CVSS6.1AI score0.00281EPSS
Exploits0References8
github
github
added 2026/07/02 8:56 p.m.13 views

9router's Hardcoded Default fallback JWT Secret Allows Authentication Bypass

Summary 9router uses a publicly known hardcoded string "9router-default-secret-change-me" as the fallback of JWT secret for all Dashboard session JWTs when the JWTSECRET environment variable is not set. Because this secret is committed in the public repository and unchanged across all releases, a...

10CVSS5.8AI score0.04572EPSS
Exploits1References2Affected Software1
patchstack
patchstack
added 2026/07/02 8:56 p.m.7 views

NPM: 9router's Hardcoded Default fallback JWT Secret Allows Authentication Bypass

NPM: 9router's Hardcoded Default fallback JWT Secret Allows Authentication Bypass vulnerability discovered by ? in WordPress Npm 9router versions = 0.2.21, = 0.4.41...

9.8CVSS5.9AI score0.00601EPSS
Exploits1References2Affected Software1
osv
osv
added 2026/07/02 8:56 p.m.4 views

GHSA-JPHH-M39H-6GWX 9router's Hardcoded Default fallback JWT Secret Allows Authentication Bypass

Summary 9router uses a publicly known hardcoded string "9router-default-secret-change-me" as the fallback of JWT secret for all Dashboard session JWTs when the JWTSECRET environment variable is not set. Because this secret is committed in the public repository and unchanged across all releases, a...

9.8CVSS5.8AI score0.00601EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2026/07/02 12:0 a.m.11 views

PT-2026-55456

Summary 9router uses a publicly known hardcoded string "9router-default-secret-change-me" as the fallback of JWT secret for all Dashboard session JWTs when the JWT SECRET environment variable is not set. Because this secret is committed in the public repository and unchanged across all releases,...

9.8CVSS5.8AI score0.00601EPSS
Exploits1References6
gitlab
gitlab
added 2026/07/02 12:0 a.m.8 views

9router's Hardcoded Default fallback JWT Secret Allows Authentication Bypass

9router uses a publicly known hardcoded string "9router-default-secret-change-me" as the fallback of JWT secret for all Dashboard session JWTs when the JWTSECRET environment variable is not set. Because this secret is committed in the public repository and unchanged across all releases, any...

9.8CVSS5.8AI score0.00601EPSS
Exploits1References3Affected Software1
nvd
nvd
added 2026/06/30 11:17 p.m.7 views

CVE-2026-56278

Flowise before 3.1.0 affected versions 3.0.13 and earlier uses a weak hardcoded default secret 'flowise' for the express-session middleware when the EXPRESSSESSIONSECRET environment variable is not set packages/server/src/enterprise/middleware/passport/index.ts. Because this default secret is...

9.3CVSS0.0036EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/30 10:8 p.m.31 views

CVE-2026-56278 Flowise - Session Hijacking via Weak Default Express Session Secret

Flowise before 3.1.0 affected versions 3.0.13 and earlier uses a weak hardcoded default secret 'flowise' for the express-session middleware when the EXPRESSSESSIONSECRET environment variable is not set packages/server/src/enterprise/middleware/passport/index.ts. Because this default secret is...

9.3CVSS0.0036EPSS
Exploits0References2
osv
osv
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-479 praisonai-platform: JWT signing key defaults to hardcoded "dev-secret-change-me", allowing token forgery for any user when PLATFORM_ENV is unset

Summary Type: Insecure default cryptographic key. The JWT signing secret defaults to the hardcoded literal "dev-secret-change-me" when PLATFORMJWTSECRET is unset. A safety check exists but only fires when PLATFORMENV != "dev"; the default value of PLATFORMENV is "dev", so the check is silently...

9.8CVSS5.9AI score0.00054EPSS
Exploits0References5
osv
osv
added 2026/06/25 10:34 p.m.4 views

GO-2026-5515 Go Restful API Boilerplate: Hardcoded JWT Secret "random" Allows Token Forgery in github.com/dhax/go-base

Go Restful API Boilerplate: Hardcoded JWT Secret "random" Allows Token Forgery in github.com/dhax/go-base...

5.8AI score0.00055EPSS
Exploits0References2
osv
osv
added 2026/06/10 1:39 p.m.7 views

GHSA-MQQ6-462X-JXMM Go Restful API Boilerplate: Hardcoded JWT Secret "random" Allows Token Forgery

Vulnerability: CWE-798 — Hardcoded JWT Secret + Broken Mitigation Affected Component - github.com/dhax/go-base — Go REST API boilerplate go-chi/jwtauth/v5, Viper, PostgreSQL/Bun - 1,685 stars on GitHub Vulnerability Locations | File | Line | Role | |------|------|------| | dev.env | 10 |...

9.1CVSS5.7AI score0.00055EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/10 12:0 a.m.28 views

PT-2026-48473

Name of the Vulnerable Software and Affected Versions go-base versions prior to the May 17, 2026 patch Description The software contains a hardcoded JWT signing secret set to "random" in the dev.env template and as a programmatic fallback in the viper.SetDefault function within cmd/serve.go. A...

9.1CVSS5.9AI score0.00055EPSS
Exploits0References6
redhatcve
redhatcve
added 2026/06/05 7:17 p.m.10 views

CVE-2026-42869

SOCFortress CoPilot focuses on providing a single pane of glass for all your security operations needs. Prior to 0.1.57, SOCFortress CoPilot ships a hardcoded JWT signing secret as a fallback value in backend/app/auth/utils.py:28 and ships it verbatim in .env.example. Any deployment where JWTSECR...

10CVSS5.7AI score0.0044EPSS
Exploits0References1
Rows per page
Query Builder