Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,323 vulnerabilities with CWE-522

CVE-2026-23742 HIGH

Skipper <0.23.0 - Info Disclosure

CVE-2026-22911 MEDIUM

Sick Tdc-x401gl Firmware - Insufficiently Protected Credentials

CVE-2026-22240 HIGH

Blusparkglobal Bluvoyix - Information Disclosure

CVE-2026-22043 CRITICAL

Rustfs < 1.0.0-alpha.79 - Improper Access Control

CVE-2025-36568 HIGH

Dell PowerProtect Data Domain BoostFS - Info Disclosure

CVE-2025-15622 MEDIUM

Sparx Enterprise Architect Client reveals plaintext OAuth2 client secret

CVE-2025-15621 MEDIUM

Sparx Enterprise Architect Client does not verify the receiver of OAuth2 credentials during OpenID authentication

CVE-2025-15617 MEDIUM

Wazuh GitHub Actions Workflow Exposure of Sensitive Credentials

CVE-2025-13478 HIGH

Cache Misconfiguration Leading to Cross-User Data Exposure

CVE-2025-36440 MEDIUM

Multiple Vulnerabilities in IBM Concert Software

CVE-2025-14790 MEDIUM

IBM InfoSphere Information Server is vulnerable to disclosure of sensitive information

CVE-2025-64998 HIGH

Session hijacking via exposed session signing secret in distributed Checkmk setups

CVE-2025-67860 LOW

NeuVector Scanner - Info Disclosure

CVE-2025-52623 LOW

Hcltech Aion - Insufficiently Protected Credentials

CVE-2025-9521 MEDIUM

Omada Controllers - Privilege Escalation

CVE-2025-65098 HIGH

Typebot < 3.13.2 - Missing Authorization

CVE-2025-58742 MEDIUM

Milner ImageDirector Capture <7.6.3.25808 - SSRF

CVE-2025-58741 HIGH

Milner ImageDirector Capture <7.6.3.25808 - Info Disclosure

CVE-2025-69271 HIGH

Broadcom DX Netops Spectrum - Insufficiently Protected Credentials

CVE-2025-62327 MEDIUM

Hcltechsw Hcl Devops Deploy - Insufficiently Protected Credentials

CVE-2025-67732 MEDIUM

Dify < 1.11.0 - Information Disclosure

CVE-2025-64420 CRITICAL

Coollabs Coolify < 4.0.0 - Insufficiently Protected Credentials

CVE-2025-64122 MEDIUM

Nuvation Energy MSC <2.5.1 - Open Redirect

CVE-2025-15113 CRITICAL

Ksenia Security Lares 4.0 Home Automation <1.6 - Code Injection

CVE-2025-66029 HIGH

Open OnDemand <4.0.8 - Info Disclosure

Previous Page 3 of 53 Next

Details

Vulnerabilities 1,323

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy