CWE-259

High likelihood

Use of Hard-coded Password

Parent: CWE-798 - Use of Hard-coded Credentials

The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.

186 vulnerabilities with CWE-259

CVE-2026-7579 HIGH

AstrBotDevs AstrBot Dashboard auth.py hard-coded credentials

CVSS 7.3

CVE-2026-6610 LOW

liangliangyy DjangoBlog Setting settings.py hard-coded credentials

CVSS 3.7

CVE-2026-6578 MEDIUM

liangliangyy DjangoBlog Setting settings.py hard-coded credentials

CVSS 5.6

CVE-2026-6574 HIGH

osuuu LightPicture API Upload Endpoint lp.sql hard-coded credentials

CVSS 7.3

CVE-2026-4993 LOW

wandb OpenUI config.py hard-coded credentials

CVSS 3.3

CVE-2026-4475 HIGH

Yi Technology YI Home Camera ipc hard-coded credentials

CVSS 8.8

CVE-2026-4219 LOW

INDEX Conferences & Exhibitions Organization YWF BPOF APGCS App ae.index.apgcs BuildConfig.java hard-coded credentials

CVSS 3.3

CVE-2026-4216 MEDIUM

i-SENS SmartLog App air.SmartLog.android hard-coded credentials

CVSS 5.3

CVE-2026-2702 LOW

Beetel 777VR1 <=01.00.09 - Auth Bypass

CVSS 3.1

CVE-2026-2616 HIGH

Beetel 777VR1 <=01.00.09 - Auth Bypass

CVSS 8.8

CVE-2026-25753 CRITICAL

PlaciPy 1.0.0 - Info Disclosure

CVSS 9.8

CVE-2026-1610 HIGH

Tenda AX12 Pro V2 16.03.49.24_cn - Info Disclosure

CVSS 8.1

CVE-2025-57175 MEDIUM

Siklu EtherHaul 8010 - Auth Bypass

CVSS 6.4

CVE-2025-7741 LOW

Yokogawa CENTUM VP <R5.04.20 - Auth Bypass

CVE-2025-59388 CRITICAL

Hyper Data Protector <2.3.1.455 - Auth Bypass

CVSS 9.8

CVE-2025-70802 HIGH

Tenda G1V3.1si V16.01.7.8 - Auth Bypass

CVSS 8.4

CVE-2025-70798 HIGH

Tenda i24V3.0si V3.0.0.5 - Auth Bypass

CVSS 8.4

CVE-2025-46067 HIGH

Automai Director <25.2.0 - Privilege Escalation

CVSS 8.2

CVE-2025-15371 HIGH

Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G, TEG5328F - Hard-Coded Credentials in Shadow File

CVSS 7.8

CVE-2025-15111 CRITICAL

Kseniasecurity Lares Firmware - Hard-coded Credentials

CVSS 9.8

CVE-2025-14126 HIGH

TOZED ZLT M30S/ZLT M30S PRO <1.47/3.09.06 - Hard-Coded Credentials

CVSS 8.8

CVE-2025-13252 HIGH

shsuishang ShopSuite ModulithShop <45a99398cec3b7ad7ff9383694f0b533...

CVSS 7.3

CVE-2025-12676 MEDIUM

KiotViet Sync <1.8.5 - Auth Bypass

CVSS 5.3

CVE-2025-61330 MEDIUM

Magic-branded devices - Info Disclosure

CVSS 6.5

CVE-2025-11666 MEDIUM

Tenda RP3 Pro <22.5.7.93 - Info Disclosure

CVSS 6.7

Details

Vulnerabilities 186

Exploit Likelihood High

Links