CVE & Exploit Intelligence Database


Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

337,098 CVEs tracked | 53,218 with exploits | 4,684 exploited in wild | 1,536 CISA KEV | 3,912 Nuclei templates | 37,750 vendors | 42,417 researchers
CVE-2025-14923 4.7 MEDIUM EPSS 0.00
IBM WebSphere Liberty 17.0.0.3-26.0.0.2 - Auth Bypass
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2. IBM WebSphere Application Server Liberty could provide weaker than expected security when using the Security Utility when administering security settings.
CWE-321 Mar 03, 2026
CVE-2026-0754 EPSS 0.00
Poly Voice - Info Disclosure
An embedded test key and certificate could be extracted from a Poly Voice device using specialized reverse engineering tools. This extracted certificate could be accepted by a SIP service provider if the service provider does not perform proper validation of the device certificate.
CWE-321 Mar 03, 2026
CVE-2026-1442 7.8 HIGH 1 Writeup EPSS 0.00
Unitree Go2 - Firmware Tampering
Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an attacker (or anyone paying attention), the firmware updates may be altered by an unauthorized user, and then trusted by a Unitree product, such as the Unitree Go2 and other models. This issue appears to affect all of Unitree’s current offerings as of February 26, 2026, and so should be considered a vulnerability in both the firmware generation and extraction processes. At the time of this release, there is no publicly-documented mechanism to subvert the update process and insert poisoned firmware packages without the equipment owner’s knowledge.
CWE-321 Feb 27, 2026
CVE-2026-27519 7.5 HIGH EPSS 0.00
Binardat 10G08-0800GSM <V300SP10260209 - Info Disclosure
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confidentiality protections.
CWE-321 Feb 24, 2026
CVE-2025-67305 9.8 CRITICAL 1 Writeup EPSS 0.00
RUCKUS Network Director <4.5.0.56 - Auth Bypass
In RUCKUS Network Director (RND) < 4.5.0.56, the OVA appliance contains hardcoded SSH keys for the postgres user. These keys are identical across all deployments, allowing an attacker with network access to authenticate via SSH without a password. Once authenticated, the attacker can access the PostgreSQL database with superuser privileges, create administrative users for the web interface, and potentially escalate privileges further.
CWE-321 Feb 19, 2026
CVE-2026-26335 9.8 CRITICAL 2 PoCs Analysis EPSS 0.00
Calero VeraSMART <2022 R1 - Remote Code Execution
Calero VeraSMART versions prior to 2022 R1 use static ASP.NET/IIS machineKey values configured for the VeraSMART web application and stored in C:\Program Files (x86)\Veramark\VeraSMART\WebRoot\web.config. An attacker who obtains these keys can craft a valid ASP.NET ViewState payload that passes integrity validation and is accepted by the application, resulting in server-side deserialization and remote code execution in the context of the IIS application.
CWE-321 Feb 13, 2026
CVE-2026-25894 9.8 CRITICAL 1 Writeup EPSS 0.00
FUXA <1.2.9 - RCE
FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. An insecure default configuration in FUXA allows an unauthenticated, remote attacker to gain administrative access and execute arbitrary code on the server. This affects FUXA through version 1.2.9 when authentication is enabled, but the administrator JWT secret is not configured. This issue has been patched in FUXA version 1.2.10.
CWE-1188 Feb 09, 2026
CVE-2026-22906 9.8 CRITICAL EPSS 0.00
User Credentials Storage - Info Disclosure
User credentials are stored using AES-ECB encryption with a hardcoded key. An unauthenticated remote attacker obtaining the configuration file can decrypt and recover plaintext usernames and passwords, especially when combined with the authentication bypass.
CWE-321 Feb 09, 2026
CVE-2026-2103 7.1 HIGH EPSS 0.00
Infor SyteLine ERP - Info Disclosure
Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, database connection strings, and API keys. The encryption keys are identical across all installations. An attacker with access to the application binary and database can decrypt all stored credentials.
CWE-798 Feb 06, 2026
CVE-2026-25505 9.8 CRITICAL 1 Writeup EPSS 0.00
Pypi Bambuddy < 0.1.7 - Missing Authentication
Bambuddy is a self-hosted print archive and management system for Bambu Lab 3D printers. Prior to version 0.1.7, a hardcoded secret key used for signing JWTs is checked into source code, and many API routes do not check authentication. This issue has been patched in version 0.1.7.
CWE-321 Feb 04, 2026
CVE-2026-22586 9.8 CRITICAL EPSS 0.00
Salesforce Marketing Cloud Engagement - Web Services Protocol Manip...
Hard-coded Cryptographic Key vulnerability in Salesforce Marketing Cloud Engagement (CloudPages, Forward to a Friend, Profile Center, Subscription Center, Unsub Center, View As Webpage modules) allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January 21st, 2026.
CWE-321 Jan 24, 2026
CVE-2025-58740 5.5 MEDIUM EPSS 0.00
Milner ImageDirector Capture <7.6.3.25808 - Info Disclosure
The use of a hard-coded encryption key in calls to the Password function in C2SGlobalSettings.dll in Milner ImageDirector Capture on Windows allows a local attacker to decrypt database credentials by reading the cryptographic key from the executable. This issue affects ImageDirector Capture: from 7.0.9 before 7.6.3.25808.
CWE-321 Jan 20, 2026
CVE-2025-62581 9.8 CRITICAL EPSS 0.00
Delta Electronics DIAView - Multiple Vulns
Delta Electronics DIAView has multiple vulnerabilities.
CWE-321 Jan 16, 2026
CVE-2024-54855 6.4 MEDIUM EPSS 0.00
Vanilla OS 2 Core image <1.1.0 - Info Disclosure
fabricators Ltd Vanilla OS 2 Core image v1.1.0 was discovered to contain static keys for the SSH service, allowing attackers to possibly execute a man-in-the-middle attack during connections with other hosts.
CWE-321 Jan 13, 2026
CVE-2025-15108 3.7 LOW EPSS 0.00
PandaXGO PandaX <fb8ff40f7ce5dfebdf66306c6d85625061faf7e5 - Unknown...
A vulnerability was detected in PandaXGO PandaX up to fb8ff40f7ce5dfebdf66306c6d85625061faf7e5. This affects an unknown function of the file config.yml of the component JWT Secret Handler. The manipulation of the argument key results in use of a hard-coded cryptographic key. The attack may be performed from remote. This attack is characterized by high complexity. The exploitability is reported as difficult. The exploit is now public and may be used. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. The project was informed of the problem early through an issue report but has not responded yet.
CWE-320 Dec 27, 2025
CVE-2025-15107 3.7 LOW EPSS 0.00
Actiontech sqle <4.2511.0 - Unknown Vuln
A security vulnerability has been detected in actiontech sqle up to 4.2511.0. The impacted element is an unknown function of the file sqle/utils/jwt.go of the component JWT Secret Handler. The manipulation of the argument JWTSecretKey leads to use of a hard-coded cryptographic key. The attack can be carried out remotely. The attack's complexity is rated as high. The exploitability is regarded as difficult. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report and is planning to fix this flaw in an upcoming release.
CWE-320 Dec 27, 2025
CVE-2025-15105 3.7 LOW EPSS 0.00
getmaxun <0.0.28 - Info Disclosure
A security flaw has been discovered in getmaxun maxun up to 0.0.28. Impacted is an unknown function of the file /getmaxun/maxun/blob/develop/server/src/routes/auth.ts. Manipulation of the argument api_key results in use of a hard-coded cryptographic key. Remote exploitation of the attack is possible. The attack is considered to have high complexity. The exploitability is considered difficult. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
CWE-320 Dec 27, 2025
CVE-2025-68948 8.1 HIGH EPSS 0.00
SiYuan <3.5.1 - Info Disclosure
SiYuan is self-hosted, open source personal knowledge management software. In versions 3.5.1 and prior, the SiYuan Note application utilizes a hardcoded cryptographic secret for its session store. This unsafe practice renders the session encryption ineffective. Since the sensitive AccessAuthCode is stored within the session cookie, an attacker who intercepts or obtains a user's encrypted session cookie (e.g., via session hijacking) can locally decrypt it using the public key. Once decrypted, the attacker can retrieve the AccessAuthCode in plain text and use it to authenticate or take over the session.
CWE-321 Dec 27, 2025
CVE-2025-52601 7.8 HIGH EPSS 0.00
Device Manager - Info Disclosure
Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has discovered a vulnerability in Device Manager in which a hardcoded encryption key is used to protect sensitive information. An attacker can use the key to decrypt that sensitive information. The manufacturer has released patched firmware for the flaw; please refer to the manufacturer's report for details and workarounds.
CWE-321 Dec 26, 2025
CVE-2025-15016 9.8 CRITICAL EPSS 0.00
Enterprise Cloud Database - Info Disclosure
Enterprise Cloud Database developed by Ragic has a Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information and log into the system as any user.
CWE-321 Dec 22, 2025