Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-321

CWE-321

High likelihood

Use of Hard-coded Cryptographic Key

Parent: CWE-798 - Use of Hard-coded Credentials

The product uses a hard-coded, unchangeable cryptographic key.

297 vulnerabilities with CWE-321

CVE-2025-66454 MEDIUM

arcade-mcp < 1.5.4 - Unauthenticated Authentication Bypass via Hardcoded Worker Secret

CVE-2025-13877 MEDIUM

Nocobase <=2.0.0-alpha.37 JWT Service - Hard-Coded Cryptographic Key

CVE-2025-11781 HIGH

Circutor SGE-PLC1000/SGE-PLC50 v9.0.2 - Privilege Escalation

CVE-2025-6666 LOW

motogadget mo.lock Ignition Lock <20251125 - Info Disclosure

CVE-2025-64304 MEDIUM

FOD App for Android and iOS < 5.2.0 - Unauthenticated Cryptographic Key Exposure via Hard-coded Keys

CVE-2025-65998 HIGH

Apache Syncope 2.1.0-2.1.13 and 4.0.0-4.0.2 - Use of Hard-coded Cryptographic Key

CVE-2025-13316 HIGH

Twonky Server 8.5.2 - Info Disclosure

CVE-2025-63289 CRITICAL

Sogexia Android App - Info Disclosure

CVE-2025-12177 MEDIUM

WordPress Download Manager <3.3.30 - Auth Bypass

CVE-2025-12615 MEDIUM

PHPGurukul News Portal 1.0 - Info Disclosure

CVE-2025-12599 CRITICAL

BLU-IC2, IC4 <1.19.5 - Info Disclosure

CVE-2025-54471 MEDIUM

NeuVector 5.3.0-5.4.6 - Use of Hard-coded Cryptographic Key

CVE-2025-46582 HIGH

ZTE ZXMP M721 >=ZXMPM721V5.30.020.001P01 - Authenticated Private Key Disclosure

CVE-2025-34500 HIGH

Deck Mate 2 < all known versions prior to 2025-10-23 - Arbitrary Code Execution via Insecure Firmware Update Chain

CVE-2025-56802 MEDIUM

Reolink desktop app - Info Disclosure

CVE-2025-56801 MEDIUM

Reolink Desktop App 8.18.12 - Info Disclosure

CVE-2025-11899 HIGH

Agentflow - Unauthenticated Authentication Bypass via Hard-coded Cryptographic Key

CVE-2025-58426 MEDIUM

desknet's NEO <9.0R2.0 - Code Injection

CVE-2025-11609 LOW

Code-projects Hospital Management System 1.0 - Code Injection

CVE-2025-35052 MEDIUM

Newforma Info Exchange - Path Traversal

CVE-2025-11290 MEDIUM

CRMEB < 5.6.1 - Use of Hard-coded Cryptographic Key in JWT HMAC Secret Handler

CVE-2025-59407 CRITICAL

Flock Safety DetectionProcessing 6.35.33 - Info Disclosure

CVE-2025-24525 HIGH

Keysight Ixia Vision <6.9.1 - Info Disclosure

CVE-2025-34217 CRITICAL

Vasion Print - Privilege Escalation

CVE-2025-8625 CRITICAL

Copypress Rest API 1.1-1.2 - Unauthenticated Remote Code Execution via JWT Token Forgery

Previous Page 4 of 12 Next

Details

Vulnerabilities 297

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy