smb: client: Don't log plaintext credentials in cifs_set_cifscreds

...

CVE-2026-23303

In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifssetcifscreds When debug logging is enabled, cifssetcifscreds logs the key payload and exposes the plaintext username and password. Remove the debug log to avoid exposing...

CVE-2026-23303

The CVE-2026-23303 vulnerability affects the Linux kernel SMB client: when logging is enabled, cifs_set_cifscreds can emit plaintext credentials (username/password) to logs. The issue is fixed by removing the debug log, preventing credential exposure. The connected advisories confirm the flaw exi...

The vulnerability of the microprogrammed software of the BUFFALO VR-S1000 routers, related to the use of pre-installed user credentials, allows a intruder to obtain access to the password of any user.

The vulnerability of the BUFFALO VR-S1000 router’s microprogramming software is related to the use of pre-set login credentials. Exploiting this vulnerability could allow a hacker to gain access to the password of any user...

The vulnerability of the SCADA system SCADA Data Gateway (SDG) arises from the use of pre-set account data, allowing an intruder to gain unauthorized access to protected information.

The vulnerability of the SCADA system SCADA Data Gateway SDG is related to the use of pre-set credentials. Exploiting this vulnerability can allow an intruder, operating remotely, to gain unauthorized access to protected information...

June 23, 2022—KB5014665 (OS Build 20348.803) Preview

June 23, 2022—KB5014665 OS Build 20348.803 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out...

The vulnerability of NETGEAR’s Wi-Fi router software, including models RBK352, RBR350, and RBS350, arises from the use of pre-set credentials. This allows unauthorized individuals to gain unauthorized access to protected information.

The vulnerability of NETGEAR Wi-Fi router software, including models RBK352, RBR350, and RBS350, stems from the use of pre-set login credentials. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information from a remote location...

The vulnerability of the EKOM-3000 data collection and transmission device, related to the use of pre-set account data, allows a perpetrator to gain access to the device.

The vulnerability of the ECOM-3000 data collection and transmission device is related to the use of pre-set credentials. Exploiting this vulnerability could allow a remote attacker to gain access to the device...

The vulnerability of Microprogrammed Software for Korenix switches, related to the use of pre-installed account data, allows a perpetrator to gain access to the device.

The vulnerability of Microprogrammed Software for Korenix switches relates to the use of pre-set credentials. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the device...

The vulnerability of Microprogrammed Software for Korenix switches, related to the use of pre-installed account data, allows a perpetrator to gain access to the device.

The vulnerability of Microprogrammed Software for Korenix switches relates to the use of pre-set credentials. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the device...

The vulnerability of the ALEOS software, a wireless modem from Sierra Wireless, allows a hacker to gain access to the system by exploiting pre-installed credentials.

The vulnerability of the ALEOS software for the Sierra Wireless AirLink GX 440 wireless modem lies in the use of pre-set login credentials. Exploiting this vulnerability allows a malicious actor to gain access to the system with privileges of one of the users: admin, rauser, sconsole, or user, by...