CVE-2026-25861

CVE-2026-25861 affects QloApps 1.7.0. The vulnerability is in the password hashing path: Tools::encrypt() in classes/Tools.php uses MD5 with a static cookie key, allowing offline brute-forcing of credentials. The risk is heightened by auto-generated 8-character guest-to-customer passwords in clas...

CVE-2025-69929

An issue in N3uron Web User Interface v.1.21.7-240207.1047 allows a remote attacker to escalate privileges via the password hashing on the client side using the MD5 algorithm over a predictable string format...

LlamaIndex 安全漏洞

LlamaIndex is a data framework for LLM applications open-sourced by LlamaIndex. A security vulnerability exists in LlamaIndex version 0.12.28 and earlier, which stems from the use of MD5 hashing to generate document block IDs, which could lead to hash conflicts...

LangChain4j-AIDeepin 安全漏洞

LangChain4j-AIDeepin is an AI-based work efficiency improvement tool by moyangzhan's personal developer. It can be used to assist enterprises/teams in technical research and development, product design, personnel/financial/IT information consulting, system/commodity consulting, customer service...

CVE-2022-21800

MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 uses the MD5 algorithm to hash the passwords before storing them but does not salt the hash. As a result, attackers may be able to crack the hashed...