Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,358 vulnerabilities with CWE-522

CVE-2026-32634 HIGH

Glances Central Browser Autodiscovery Leaks Reusable Credentials to Zeroconf-Spoofed Servers

CVE-2026-32633 CRITICAL

Glances's Browser API Exposes Reusable Downstream Credentials via `/api/4/serverslist`

CVE-2026-32606 HIGH

IncusOS <202603142010 LUKS - TPM Policy Encryption Bypass

CVE-2026-21670 HIGH

Veeam Backup & Replication 13.0.0.496-13.0.1 - Insufficiently Protected SSH Credentials

CVE-2026-3783 MEDIUM

curl 7.33.0-8.19.0 - OAuth2 Bearer Token Leak via Redirect with .netrc Hostname Match

CVE-2026-28678 HIGH

DSA Study Hub < 2026-02-21 - Insufficiently Protected Credentials in JWT Cookie Storage

CVE-2026-27777 MEDIUM

Mobiliti e-mobi.hu - Unprotected User Data Exposure via Web-Based Mapping Platform

CVE-2026-27027 MEDIUM

Everon api.everon.io - Unprotected Credential Exposure via Web Mapping Platform

CVE-2026-28714 MEDIUM

Acronis Cyber Protect 17 - Info Disclosure

CVE-2026-27770 MEDIUM

ePower epower.ie - Unprotected Credential Exposure via Web Mapping Platform

CVE-2026-29128 CRITICAL

IDC SFX2100 Firmware - Info Disclosure

CVE-2026-0689 MEDIUM

ExtremeCloud IQ Site Engine <26.2.10 - Info Disclosure

CVE-2026-20435 MEDIUM

Preloader - Info Disclosure

CVE-2026-27167 NONE

Gradio 4.16.0-6.5.9 - Unauthenticated Hardcoded Credential Exposure via OAuth Mock Route

CVE-2026-21660 CRITICAL

Frick Controls Quantum HD <10.22 - Info Disclosure

CVE-2026-25774 MEDIUM

ev.energy - Unprotected Credential Exposure via Web-Based Mapping Platforms

CVE-2026-22878 MEDIUM

mobility46.se - Unprotected Credential Exposure via Web-Based Mapping Platform

CVE-2026-27773 MEDIUM

swtchenergy.com - Unprotected Credential Exposure via Web-Based Mapping Platforms

CVE-2026-22890 MEDIUM

ev2go.io - Unprotected Credential Exposure via Web-Based Mapping Platform

CVE-2026-20791 MEDIUM

chargemap.com - Unprotected Credential Exposure via Web Mapping Platform

CVE-2026-20733 MEDIUM

cloudcharge.se - Unprotected Credential Exposure via Web-Based Mapping Platforms

CVE-2026-26049 MEDIUM

Device Web Interface - Info Disclosure

CVE-2026-27003 MEDIUM

OpenClaw <2026.2.15 - Info Disclosure

CVE-2026-25631 MEDIUM

NPM N8n < 1.121.0 - Improper Input Validation

CVE-2026-0715 MEDIUM

Moxa Industrial Linux Secure - Insufficiently Protected Credentials via Bootloader Password

Previous Page 3 of 55 Next

Details

Vulnerabilities 1,358

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy