CWE-798— Use of Hard-coded Credentials
The product contains hard-coded credentials, such as a password or cryptographic key.— MITRE CWE catalog
1,625 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-798page 32 of 33
- CVE-2026-23781CRITICALCVSS 9.8EG 9.82026-04-10
An issue was discovered in BMC Control-M/MFT 9.0.20 through 9.0.22. A set of default debug user credentials is hardcoded in cleartext within the application package. If left unchanged, these credentials can be easily obtained and may allow…
- CVE-2026-24346CRITICALCVSS 9.1EG 9.12026-01-27
Use of well-known default credentials in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to access protected areas in the web application
- CVE-2026-24444CRITICALCVSS 9.8EG 9.82026-05-28
SDMC NE6037 cable modem routers running firmware 7.1.6.0.25 and 7.1.6.1.9_B9 contain a hardcoded password vulnerability in the web management interface recovery endpoints (mgmt.php, npcmd.php) that allows unauthenticated attackers to gain …
- CVE-2026-24448CRITICALCVSS 9.8EG 9.82026-03-11
Use of hard-coded credentials issue exists in MR-GM5L-S1 and MR-GM5A-L1, which may allow an attacker to obtain administrative access.
- CVE-2026-24840HIGHCVSS 8.0EG 8.02026-01-28
Dokploy is a free, self-hostable Platform as a Service (PaaS). In versions prior to 0.26.6, a hardcoded credential in the provided installation script (located at https://dokploy.com/install.sh, line 154) uses a hardcoded password when cre…
- CVE-2026-25202CRITICALCVSS 9.8EG 9.82026-02-02
The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1.
- CVE-2026-25600MEDIUMCVSS 6.4EG 6.42026-06-01
The PDBM application relies on a static, hard‑coded secret embedded in the PDBM.exe executable. This secret is used by the application’s encryption routines, including the function responsible for decrypting credentials stored in th…
- CVE-2026-25601MEDIUMCVSS 6.4EG 6.42026-04-01
A vulnerability was identified in MEPIS RM, an industrial software product developed by Metronik. The application contained a hardcoded cryptographic key within the Mx.Web.ComponentModel.dll component. When the option to store domain passw…
- CVE-2026-25803CRITICALCVSS 9.8EG 9.82026-02-06
3DP-MANAGER is an inbound generator for 3x-ui. In version 2.0.1 and prior, the application automatically creates an administrative account with known default credentials (admin/admin) upon the first initialization. Attackers with network a…
- CVE-2026-2616HIGHCVSS 8.8EG 8.82026-02-17
A vulnerability has been found in Beetel 777VR1 up to 01.00.09. The impacted element is an unknown function of the component Web Management Interface. The manipulation leads to hard-coded credentials. The attack needs to be initiated withi…
- CVE-2026-26218CRITICALCVSS 9.8EG 9.82026-02-12
newbee-mall includes pre-seeded administrator accounts in its database initialization script. These accounts are provisioned with a predictable default password. Deployments that initialize or reset the database using the provided schema a…
- CVE-2026-26334HIGHCVSS 7.8EG 7.82026-02-13
Calero VeraSMART versions prior to 2026 R1 contain hardcoded static AES encryption keys within Veramark.Framework.dll (Veramark.Core.Config class). These keys are used to encrypt the password of the service account stored in C:\\VeraSMART…
- CVE-2026-2635HIGHCVSS 7.3EG 9.82026-02-20
MLflow Use of Default Password Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability. The…
- CVE-2026-27073HIGHCVSS 7.5EG 7.52026-03-25
Use of Hard-coded Credentials vulnerability in Addi Addi – Cuotas que se adaptan a ti buy-now-pay-later-addi allows Password Recovery Exploitation.This issue affects Addi – Cuotas que se adaptan a ti: from n/a through <= 2.0.4.
- CVE-2026-27785HIGHCVSS 8.8EG 8.82026-04-28
Specific firmware versions of Milesight AIOT camera firmware contain hard-coded credentials.
- CVE-2026-29023HIGHCVSS 7.3EG 7.32026-03-09
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the …
- CVE-2026-31928CRITICALCVSS 9.8EG 8.12026-06-26
The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access.
- CVE-2026-32834HIGHCVSS 7.5EG 7.52026-05-04
Easy PayPal Events & Tickets plugin for WordPress before version 1.4 contains a hardcoded authentication bypass vulnerability in the QR code scanning functionality that allows unauthenticated remote attackers to bypass hash verification by…
- CVE-2026-33893HIGHCVSS 7.5EG 7.52026-05-12
A vulnerability has been identified in Teamcenter V2312 (All versions < V2312.0014), Teamcenter V2406 (All versions < V2406.0012), Teamcenter V2412 (All versions < V2412.0009), Teamcenter V2506 (All versions < V2506.0005), Teamcenter V2512…
- CVE-2026-35503CRITICALCVSS 9.8EG 9.82026-04-24
A vulnerability in SenseLive X3050’s web management interface allows authentication logic to be performed entirely on the client side, relying on hardcoded values within browser-executed scripts rather than server-side verification. An …
- CVE-2026-36538HIGHCVSS 7.3EG 7.32026-05-27
Netis AC1200 Router NC21 V4.0.1.4296 contains a hard-coded root credential stored in /etc/shadow.sample. The password for the root account is set to the trivially weak value root, allowing an attacker with access to the device to authentic…
- CVE-2026-36606HIGHCVSS 7.1EG 7.12026-06-03
Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 encrypts configuration backups with a hardcoded DES key using single DES in ECB mode. An attacker who obtains a backup file can decrypt it to recover all stored credentials in…
- CVE-2026-36616MEDIUMCVSS 5.9EG 5.92026-06-03
Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 contains hardcoded WiFi driver credentials including a RADIUS shared secret, WPS test key, and default PSK embedded in the production firmware binary.
- CVE-2026-37270CRITICALCVSS 9.8EG 9.82026-07-07
Trueview Security camera T18161- AF v4.9.60.0 contains an authentication bypass vulnerability caused by improper password validation and the presence of hard-coded credentials in the firmware.
- CVE-2026-3873HIGHCVSS 7.2EG 7.22026-03-13
Use of Hard-coded Credentials vulnerability in Avantra allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Avantra: before 25.3.0.
- CVE-2026-40636CRITICALCVSS 9.8EG 9.82026-05-11
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains a use of hard-coded credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, …
- CVE-2026-41446CRITICALCVSS 9.8EG 9.82026-04-28
Snap One WattBox 800 and 820 series firmware versions prior to 2.10.0.0 contain undisclosed diagnostic HTTP endpoints that require only the device MAC address and service tag for authentication, both of which are printed in plaintext on th…
- CVE-2026-42251HIGHCVSS 8.7EG 8.72026-06-01
Use of hard-coded credentials in KS-SOMED allowed an unauthorized attacker access to FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious update file, which then may have be…
- CVE-2026-42372HIGHCVSS 8.8EG 8.82026-05-04
D-Link DIR-605L Hardware Revision A1 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35_dlwbr_dir605l" re…
- CVE-2026-42373CRITICALCVSS 9.8EG 9.82026-05-04
D-Link DIR-605L Hardware Revision B2 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn76_dlwbr_dir605L" re…
- CVE-2026-42374CRITICALCVSS 9.8EG 9.82026-05-04
D-Link DIR-600L Hardware Revision B1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn61_dlwbr_dir600L" read fr…
- CVE-2026-42375CRITICALCVSS 9.8EG 9.82026-05-04
D-Link DIR-600L Hardware Revision A1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35_dlwbr_dir600l" read fr…
- CVE-2026-42376CRITICALCVSS 9.8EG 9.82026-05-04
D-Link DIR-456U Hardware Revision A1 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /etc/init0.d/S80telnetd.sh with the username "Alphanetworks" and the static password "whdrv01_dlob_…
- CVE-2026-42869CRITICALCVSS 10.0EG 10.02026-05-11
SOCFortress CoPilot focuses on providing a single pane of glass for all your security operations needs. Prior to 0.1.57, SOCFortress CoPilot ships a hardcoded JWT signing secret as a fallback value in backend/app/auth/utils.py:28 and ships…
- CVE-2026-42929HIGHCVSS 8.3EG 8.32026-05-29
Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials.
- CVE-2026-44825HIGHCVSS 8.1EG 8.12026-06-01
Hardcoded credentials in the Basic Authentication setup tool (bin/solr auth enable) in Apache Solr versions 9.4.0 through 9.10.1 and 10.0.0 allows a remote attacker to gain full administrative access to the cluster via publicly known defau…
- CVE-2026-45039CRITICALCVSS 9.8EG 9.82026-05-28
RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, the internode RPC layer authenticates every request with an HMAC-SHA256 signature using a shared secret. The function that produces this secret, get_shared…
- CVE-2026-45631CRITICALCVSS 10.0EG 10.02026-05-29
Dokploy is a free, self-hostable Platform as a Service (PaaS). From 0.27.0 to before 0.29.3, a hardcoded BETTER_AUTH_SECRET fallback ("better-auth-secret-123456789") lets an unauthenticated attacker forge email verification JWTs, trigger a…
- CVE-2026-46376CRITICALCVSS 9.8EG 9.82026-05-29
FreePBX is an open source IP PBX. From 15.0.42 to before 16.0.45 and 17.0.7, unauthenticated users may be able to access the User Control Panel (UCP) using hard-coded initial template credentials if these were not immediately changed by th…
- CVE-2026-46386CRITICALCVSS 9.9EG 9.92026-06-26
OpenProject is open-source, web-based project management software. Prior to , the official openproject/openproject Docker image ships ENV SECRET_KEY_BASE=OVERWRITE_ME as the default Rails master key. Combined with cookies_serializer = :mar…
- CVE-2026-47281CRITICALCVSS 9.6EG 9.62026-06-09
Missing authorization in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
- CVE-2026-47846CRITICALCVSS 9.8EG 9.82026-06-18
Bitnami Cassandra container images are affected by a retained default superuser vulnerability. When a custom administrator account is configured via the CASSANDRA_USER environment variable, the container initialization script creates the n…
- CVE-2026-47847MEDIUMCVSS 5.3EG 5.32026-06-18
Bitnami MariaDB Galera container images and Helm chart are affected by a hardcoded default credential vulnerability in the Galera replication health-check user. The MARIADB_REPLICATION_USER and MARIADB_REPLICATION_PASSWORD environment vari…
- CVE-2026-48241HIGHCVSS 8.1EG 8.12026-05-21
Open ISES Tickets before 3.44.2 contains hardcoded MySQL database credentials in loader.php (a public-facing database utility) that are committed to the source repository. Any actor with access to the public source tree (or an unauthentica…
- CVE-2026-48242HIGHCVSS 8.1EG 8.12026-05-21
Open ISES Tickets before 3.44.2 contains hardcoded MySQL database connection credentials (host, username, password, database name) in import_mdb.php. The credentials are embedded in source code committed to the public repository, allowing …
- CVE-2026-48243MEDIUMCVSS 5.3EG 5.32026-05-21
Open ISES Tickets before 3.44.2 embeds a hardcoded WhitePages reverse-phone API key in wp1.php that is committed to the public source repository. Any actor with read access to the source tree can extract the key and use it to make third-pa…
- CVE-2026-48244MEDIUMCVSS 5.3EG 5.32026-05-21
Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in settings.inc.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Pl…
- CVE-2026-48245MEDIUMCVSS 5.3EG 5.32026-05-21
Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in tables.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform…
- CVE-2026-4832MEDIUMCVSS 6.9EG 6.92026-04-14
CWE-798 Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access to sensitive device information when an unauthenticated attacker is able to interrogate the SNMP port.
- CVE-2026-49201CRITICALCVSS 9.8EG 9.82026-05-29
The upload.cgi binary, responsible for processing device backups, contains a hardcoded AES encryption key. This allows an attacker to decrypt, modify, and re-encrypt system backups, facilitating persistent backdoor injection.
Map vulnerabilities like CWE-798 to your infrastructure
EchelonGraph correlates every CVE — across CWE-798 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →