CVE-2026-5715

The Voyage Plus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' attribute of the 'post-content' shortcode in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...

CVE-2026-40425

The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password...

CVE-2026-44611

Danelec MacGregor Voyage Data Recorder passwords are stored with a hashing method which limits password length and is susceptible to brute force attacks...

CVE-2026-42941

The Danelec MacGregor Voyage Data Recorder device includes a default username and password, with no enforced password change...

CVE-2026-42929

Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials...

CVE-2026-44611

Danelec MacGregor Voyage Data Recorder passwords are stored with a hashing method which limits password length and is susceptible to brute force attacks...

CVE-2026-42951

An authenticated user can download a backup of the Danelec MacGregor Voyage Data Recorder device which includes account data and password hashes...

CVE-2026-40425

The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password...

CVE-2026-42929

Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials...

CVE-2026-42941

The Danelec MacGregor Voyage Data Recorder device includes a default username and password, with no enforced password change...

CVE-2026-40425 MacGregor Voyage Data Recorder (VDR) G4e Files or Directories Accessible to External Parties

The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password...

CVE-2026-40425

The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password...

CVE-2026-40425

CVE-2026-40425 affects the Danelec MacGregor Voyage Data Recorder (VDR) web interface. The vulnerability allows the administrator account to directly edit sensitive authentication-related files, potentially changing the root password. This is supported by ICS-CERT/DHS metrics indicating impact to...

EUVD-2026-33403

The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password...

CVE-2026-42929 MacGregor Voyage Data Recorder (VDR) G4e Use of Hard-coded Credentials

Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials...

CVE-2026-42929 MacGregor Voyage Data Recorder (VDR) G4e Use of Hard-coded Credentials

Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials...

CVE-2026-42929

Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials...

CVE-2026-42929

CVE-2026-42929 affects the Danelec MacGregor Voyage Data Recorder (VDR) — specifically the G4e line — where default accounts are hard-coded. This represents a credential-related vulnerability (high impact) with CVSS 3.1/3.4-like metrics indicating unauthorized access potential from adjacent netwo...

EUVD-2026-33400

Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials...

CVE-2026-44611

Danelec MacGregor Voyage Data Recorder passwords are stored with a hashing method which limits password length and is susceptible to brute force attacks...