Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7548 matches found

EUVD
EUVDadded 2026/01/28 12:15 a.m.5 views

EUVD-2026-4905

Dokploy is a free, self-hostable Platform as a Service PaaS. In versions prior to 0.26.6, a hardcoded credential in the provided installation script located at https://dokploy.com/install.sh, line 154 uses a hardcoded password when creating the database container. This means that nearly all Dokpl...

8CVSS5.9AI score0.00334EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2026/01/28 12:15 a.m.3 views

CVE-2026-24840

Dokploy is a free, self-hostable Platform as a Service PaaS. In versions prior to 0.26.6, a hardcoded credential in the provided installation script located at https://dokploy.com/install.sh, line 154 uses a hardcoded password when creating the database container. This means that nearly all Dokpl...

8CVSS5.9AI score0.00334EPSS
Exploits1References3Affected Software1
OSV
OSVadded 2026/01/28 12:15 a.m.5 views

CVE-2026-24840 Dokploy uses hardcoded credentials in installation script, which could result in database access

Dokploy is a free, self-hostable Platform as a Service PaaS. In versions prior to 0.26.6, a hardcoded credential in the provided installation script located at https://dokploy.com/install.sh, line 154 uses a hardcoded password when creating the database container. This means that nearly all Dokpl...

8CVSS5.9AI score0.00334EPSS
Exploits1References4
Vulnrichment
Vulnrichmentadded 2026/01/28 12:15 a.m.5 views

CVE-2026-24840 Dokploy uses hardcoded credentials in installation script, which could result in database access

Dokploy is a free, self-hostable Platform as a Service PaaS. In versions prior to 0.26.6, a hardcoded credential in the provided installation script located at https://dokploy.com/install.sh, line 154 uses a hardcoded password when creating the database container. This means that nearly all Dokpl...

8CVSS5.9AI score0.00334EPSS
Exploits1References2
CVE
CVEadded 2026/01/28 12:15 a.m.18 views

CVE-2026-24840

CVE-2026-24840 affects Dokploy PaaS. In versions prior to 0.26.6, the installation script at install.sh contains a hardcoded database credential (line 154), causing nearly all deployments to share the same password and enabling potential compromise of the database container. Red Hat/NVD/CVE listi...

8.8CVSS5.9AI score0.00334EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2026/01/28 12:15 a.m.36 views

CVE-2026-24840 Dokploy uses hardcoded credentials in installation script, which could result in database access

Dokploy is a free, self-hostable Platform as a Service PaaS. In versions prior to 0.26.6, a hardcoded credential in the provided installation script located at https://dokploy.com/install.sh, line 154 uses a hardcoded password when creating the database container. This means that nearly all Dokpl...

8CVSS0.00334EPSS
Exploits1References2
CNNVD
CNNVDadded 2026/01/28 12:0 a.m.3 views

Explorance Blue security vulnerabilities

Explorance Blue is a learning experience management software developed by the Canadian company Explorance. Versions of Explorance Blue prior to 8.14.12 contained security vulnerabilities. These vulnerabilities stemmed from the use of reversible symmetric encryption with hardcoded static keys to...

6.8CVSS5.8AI score0.00186EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/01/28 12:0 a.m.7 views

PT-2026-5045

Name of the Vulnerable Software and Affected Versions Dokploy versions prior to 0.26.6 Description Dokploy is a self-hostable Platform as a Service PaaS. Installations prior to version 0.26.6 utilize a hardcoded password within the installation script, specifically at the provided URL:...

8CVSS5.2AI score0.00334EPSS
Exploits1References10
Positive Technologies
Positive Technologiesadded 2026/01/28 12:0 a.m.7 views

PT-2026-5072

Name of the Vulnerable Software and Affected Versions SolarWinds Web Help Desk versions prior to 12.8.1 Description SolarWinds Web Help Desk is susceptible to a hardcoded credentials issue that, in certain scenarios, could allow access to administrative functions. Attackers can identify exposed...

7.5CVSS5.6AI score0.00534EPSS
Exploits0References15
Positive Technologies
Positive Technologiesadded 2026/01/28 12:0 a.m.6 views

PT-2026-5175

Explorance Blue versions prior to 8.14.12 use reversible symmetric encryption with a hardcoded static key to protect sensitive data, including user passwords and system configurations. This approach allows stored values to be decrypted offline if the encrypted data are obtained...

6.8CVSS5.9AI score0.00186EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/01/27 3:23 p.m.4 views

CVE-2025-59091

Multiple hardcoded credentials have been identified, which are allowed to sign-in to the exos 9300 datapoint server running on port 1004 and 1005. This server is used for relaying status information from and to the Access Managers. This information, among other things, is used to graphically...

9.3CVSS6AI score0.00759EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/27 3:23 p.m.9 views

CVE-2025-59103

The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions. In this new hardware revision it was noticed that an SSH service is exposed on port 22. By analyzing the firmware of the devices, it was noticed that there are two users...

9.2CVSS5.8AI score0.00403EPSS
Exploits0References1
CVE
CVEadded 2026/01/26 5:39 p.m.13 views

CVE-2026-24429

CVE-2026-24429 affects Shenzhen Tenda W30E V2 firmware versions up to and including 16.01.0.19(5037). The issue is a predefined default password for a built-in authentication account that is not required to be changed during initial configuration, enabling an attacker to gain authenticated access...

9.8CVSS5.9AI score0.00371EPSS
Exploits0References2Affected Software1
GithubExploit
GithubExploitadded 2026/01/26 3:48 p.m.137 views

sonarcloud-poc

SonarCloud PoC - SAST Test Projeto de teste para validar dete...

5.9AI score
Exploits0
NVD
NVDadded 2026/01/26 10:16 a.m.5 views

CVE-2025-59103

The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions. In this new hardware revision it was noticed that an SSH service is exposed on port 22. By analyzing the firmware of the devices, it was noticed that there are two users...

9.2CVSS0.00403EPSS
Exploits0References3
NVD
NVDadded 2026/01/26 10:16 a.m.5 views

CVE-2025-59091

Multiple hardcoded credentials have been identified, which are allowed to sign-in to the exos 9300 datapoint server running on port 1004 and 1005. This server is used for relaying status information from and to the Access Managers. This information, among other things, is used to graphically...

9.3CVSS0.00759EPSS
Exploits0References3
EUVD
EUVDadded 2026/01/26 10:5 a.m.4 views

EUVD-2025-206370

The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions. In this new hardware revision it was noticed that an SSH service is exposed on port 22. By analyzing the firmware of the devices, it was noticed that there are two users...

9.2CVSS5.8AI score0.00403EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2026/01/26 10:5 a.m.4 views

CVE-2025-59103

The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions. In this new hardware revision it was noticed that an SSH service is exposed on port 22. By analyzing the firmware of the devices, it was noticed that there are two users...

9.2CVSS5.8AI score0.00403EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/01/26 10:5 a.m.5 views

CVE-2025-59103 Weak Default Passwords for SSH Access in dormakaba access manager

The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions. In this new hardware revision it was noticed that an SSH service is exposed on port 22. By analyzing the firmware of the devices, it was noticed that there are two users...

9.2CVSS5.8AI score0.00403EPSS
Exploits0References3
CVE
CVEadded 2026/01/26 10:5 a.m.15 views

CVE-2025-59103

CVE-2025-59103 concerns the Access Manager 92xx hardware revision K7. The Red Hat/NVD/CVE entries describe an SSH service exposed on port 22 with two users that have hardcoded and weak passwords, allowing SSH access. A key root-cause is that password randomization on first deployment is condition...

9.2CVSS5.8AI score0.00403EPSS
Exploits0References3
Rows per page
Query Builder