CWE-259

High likelihood

Use of Hard-coded Password

Parent: CWE-798 - Use of Hard-coded Credentials

The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.

194 vulnerabilities with CWE-259
CVE-2026-11552 MEDIUM
SourceCodester Onlne Examination & Learning Management System import_users.php hard-coded password
CVSS 5.3
CVE-2026-11515 MEDIUM
SourceCodester Barangay Resident Profiling and Information Management System Password Reset passsword_reset.php hard-coded password
CVSS 5.3
CVE-2026-35905 CRITICAL
T3 Technology CPE T625Pro 1.0.07, T6825G 1.0.03, T7281 1.0.03 - Hardcoded Password for Root Access
CVSS 9.8
CVE-2026-22055 MEDIUM
NETAPP Active IQ OneCollect 2.7.3 - Authenticated Unauthorized AutoSupport Operations via Hard-Coded Credentials
CVE-2026-22054 MEDIUM
NETAPP Active IQ Config Advisor 6.7.3 - Authenticated Unauthorized AutoSupport Operations via Hard-Coded Credentials
CVE-2026-7251 CRITICAL
Eppendorf BioFlo 320 Use of hard-coded password
CVSS 9.8
CVE-2026-8032 HIGH
PicoTronica e-Clinic Healthcare System ECHS echs.js hard-coded credentials
CVSS 7.3
CVE-2026-7579 HIGH
AstrBotDevs AstrBot Dashboard auth.py hard-coded credentials
CVSS 7.3
CVE-2026-6610 LOW
liangliangyy DjangoBlog Setting settings.py hard-coded credentials
CVSS 3.7
CVE-2026-6578 MEDIUM
liangliangyy DjangoBlog Setting settings.py hard-coded credentials
CVSS 5.6
CVE-2026-6574 HIGH
osuuu LightPicture API Upload Endpoint lp.sql hard-coded credentials
CVSS 7.3
CVE-2026-4993 LOW
wandb OpenUI config.py hard-coded credentials
CVSS 3.3
CVE-2026-4475 HIGH
Yi Technology YI Home Camera ipc hard-coded credentials
CVSS 8.8
CVE-2026-4219 LOW
INDEX Conferences & Exhibitions Organization YWF BPOF APGCS App ae.index.apgcs BuildConfig.java hard-coded credentials
CVSS 3.3
CVE-2026-4216 MEDIUM
i-SENS SmartLog App air.SmartLog.android hard-coded credentials
CVSS 5.3
CVE-2026-2702 LOW
Beetel 777VR1 <=01.00.09 - Auth Bypass
CVSS 3.1
CVE-2026-2616 HIGH
Beetel 777VR1 <=01.00.09 - Auth Bypass
CVSS 8.8
CVE-2026-25753 CRITICAL
PlaciPy 1.0.0 - Use of Hard-coded Password for Student Accounts
CVSS 9.8
CVE-2026-1610 HIGH
Tenda AX12 Pro V2 16.03.49.24_cn - Info Disclosure
CVSS 8.1
CVE-2025-57175 MEDIUM
Siklu EtherHaul 8010 >=siklu-uimage-nxp-enc-10_6_2-18707-ea552dc00b - Use of Hard-coded Password
CVSS 6.4
CVE-2025-7741 LOW
Yokogawa CENTUM VP <R5.04.20 - Auth Bypass
CVE-2025-59388 CRITICAL
Hyper Data Protector <2.3.1.455 - Auth Bypass
CVSS 9.8
CVE-2025-70041 CRITICAL
ThermaKube master - Hard-coded Password
CVSS 9.8
CVE-2025-70802 HIGH
Tenda G1V3.1si V16.01.7.8 - Auth Bypass
CVSS 8.4
CVE-2025-70798 HIGH
Tenda i24V3.0si V3.0.0.5 - Auth Bypass
CVSS 8.4
Details
Vulnerabilities 194
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits