The product uses weak credentials (such as a default key or hard-coded password) that can be calculated, derived, reused, or guessed by an attacker.
50 vulnerabilities with CWE-1391
CVE-2026-47325
MEDIUM
Weak password policy in ProjectsAndPrograms school-management-system
CVE-2026-4377
MEDIUM
Use of Weak Credentials in D-Link DWR-X1820 router
CVE-2026-35089
HIGH
Use of Weak Credentials in Slican telephone exchanges
CVE-2026-44351
CRITICAL
fast-jwt: Empty HMAC secret accepted via async key resolver - JWT auth bypass
CVSS 9.1
CVE-2026-8076
CRITICAL
Weak credentials vulnerability in the CashDro 3 web administration panel
CVE-2026-39920
CRITICAL
BridgeHead FileStore < 24A Apache Axis2 Default Credentials RCE
CVSS 9.8
CVE-2026-23853
HIGH
Dell PowerProtect Data Domain - Use of Weak Credentials
CVSS 8.4
CVE-2026-22886
CRITICAL
Eclipse OpenMQ - Use of Weak Credentials via Default Admin Account
CVSS 9.8
CVE-2026-24449
MEDIUM
WRC-X1500GS-B/WRC-X1500GSA-B - Info Disclosure
CVSS 4.6
CVE-2026-22910
HIGH
Sick TDC-X401GL Firmware - Default Password
CVSS 7.5
CVE-2025-67114
CRITICAL
Small Cell Sercomm SCE4255W <DG3934v3@2308041842 - Auth Bypass
CVSS 9.8
CVE-2025-59103
CRITICAL
Access Manager 92xx - Info Disclosure
CVE-2025-59460
HIGH
Default Deployment - Info Disclosure
CVSS 7.5
CVE-2025-30519
CRITICAL
Dover Fueling Solutions ProGauge MagLink LX4 - Privilege Escalation
CVSS 9.8
CVE-2025-6737
HIGH
Securden's Unified PAM - Privilege Escalation
CVSS 7.2
CVE-2025-55584
MEDIUM
TOTOLINK A3002R v4.0.0-B20230531.1404 - Info Disclosure
CVSS 5.3
CVE-2025-35970
HIGH
SEIKO EPSON/FUJIFILM - Info Disclosure
CVSS 7.5
CVE-2025-6077
CRITICAL
Partner Software and Partner Web 4.32-4.32.2 - Use of Weak Credentials
CVSS 9.8
CVE-2025-53558
HIGH
ZTE Japan K.K. ZXHN-F660T and ZXHN-F660A - Use of Weak Credentials
CVSS 8.8
CVE-2025-6523
HIGH
Devolutions Server <2025.2.3.0 - Auth Bypass
CVSS 7.7
CVE-2025-52364
HIGH
Tenda CP3 Pro Firmware V22.5.4.93 - RCE
CVSS 7.5
CVE-2025-4057
MEDIUM
activemq-artemis-operator - Use of Weak Credentials via Password Regeneration Failure
CVSS 5.5
CVE-2025-32471
LOW
SICK FLX3-CPUC200 and TDC-X401GL - Use of Weak Credentials
CVSS 3.7
CVE-2025-2229
HIGH
Philips Intellispace Cardiovascular < 4.1 - Use of Weak Credentials via Fixed AES-128 Key
CVSS 7.7
CVE-2025-1081
LOW
Bharti Airtel Xstream Fiber <20250123 - Info Disclosure
CVSS 3.1
Details
Vulnerabilities
50