The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
1,323 vulnerabilities with CWE-522
CVE-2026-28678
HIGH
DSA Study Hub - Info Disclosure
CVSS 8.1
CVE-2026-27777
MEDIUM
Charging Station - Info Disclosure
CVSS 6.5
CVE-2026-27027
MEDIUM
Charging Station - Info Disclosure
CVSS 6.5
CVE-2026-28714
MEDIUM
Acronis Cyber Protect 17 - Info Disclosure
CVSS 4.8
CVE-2026-27770
MEDIUM
Charging Station - Info Disclosure
CVSS 6.5
CVE-2026-29128
CRITICAL
IDC SFX2100 Firmware - Info Disclosure
CVSS 10.0
CVE-2026-0689
MEDIUM
ExtremeCloud IQ Site Engine <26.2.10 - Info Disclosure
CVE-2026-20435
MEDIUM
Preloader - Info Disclosure
CVSS 4.6
CVE-2026-27167
NONE
Gradio 4.16.0-6.6.0 - Auth Bypass
CVE-2026-21660
CRITICAL
Frick Controls Quantum HD <10.22 - Info Disclosure
CVSS 9.8
CVE-2026-25774
MEDIUM
Charging Station - Info Disclosure
CVSS 6.5
CVE-2026-22878
MEDIUM
Charging Station - Info Disclosure
CVSS 6.5
CVE-2026-27773
MEDIUM
Charging Station - Info Disclosure
CVSS 6.5
CVE-2026-22890
MEDIUM
Charging Station - Info Disclosure
CVSS 6.5
CVE-2026-20791
MEDIUM
Charging Station - Info Disclosure
CVSS 6.5
CVE-2026-20733
MEDIUM
Charging Station - Info Disclosure
CVSS 6.5
CVE-2026-26049
MEDIUM
Device Web Interface - Info Disclosure
CVSS 5.7
CVE-2026-27003
MEDIUM
OpenClaw <2026.2.15 - Info Disclosure
CVSS 5.5
CVE-2026-25631
MEDIUM
NPM N8n < 1.121.0 - Improper Input Validation
CVSS 6.5
CVE-2026-0715
MEDIUM
Moxa Arm-based - Info Disclosure
CVSS 6.8
CVE-2026-1966
LOW
YugabyteDB Anywhere - Info Disclosure
CVE-2026-24845
MEDIUM
Chainguard-dev Malcontent - Insufficiently Protected Credentials
CVSS 6.5
CVE-2026-23958
CRITICAL
Dataease <2.10.19 - Info Disclosure
CVSS 9.8
CVE-2026-21852
HIGH
Anthropic Claude Code < 2.0.65 - Insufficiently Protected Credentials
CVSS 7.5
CVE-2026-1223
MEDIUM
PrismX MX100 AP - Privilege Escalation
CVSS 4.9
Details
Vulnerabilities
1,323