Weaknesses of type CWE-798
822 resultsCVE-2026-5189CRITICALNexus Repository 3 - Hardcoded Credential in Internal Database ComponentEPSS 0.5%CVE-2025-57434HIGHCreacast Creabox Manager contains a critical authentication flaw that allows an attacker to bypass login validation. The system grants accesEPSS 0.5%CVE-2017-20234CRITICALGarrettCom Magnum 6K and 10K Authentication Bypass via Hardcoded StringEPSS 0.5%CVE-2026-9139CRITICALTaiko AG1000-01A Rev 7.3/8 Hard-coded Credentials via login.zhtmlEPSS 0.5%CVE-2026-27167NONEGradio: Mocked OAuth Login Exposes Server Credentials and Uses Hardcoded Session SecretEPSS 0.5%CVE-2024-36049MEDIUMAptos Wisal payroll accounting before 7.1.6 uses hardcoded credentials in the Windows client to fetch the complete list of usernames and pasEPSS 0.5%CVE-2025-56749CRITICALCreativeitem Academy LMS up to and including 6.14 uses a hardcoded default JWT secret for token signing. This predictable secret allows attaEPSS 0.5%CVE-2026-31928CRITICALDaktronics Controller Firmware Use of Hard-coded CredentialsEPSS 0.4%CVE-2023-6255HIGHHardcoded Credentals in SoliClub Mobile AppEPSS 0.4%CVE-2026-32834HIGHEasy PayPal Events & Tickets < 1.4 Authentication Bypass via QR Code ScanningEPSS 0.4%CVE-2023-34284MEDIUMNETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass VulnerabilityEPSS 0.4%CVE-2023-30354CRITICALShenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi passwoEPSS 0.4%CVE-2025-34196CRITICALVasion Print (formerly PrinterLogic) Hardcoded PrinterLogic CA Private Key and Hardcoded PasswordEPSS 0.4%CVE-2024-5810MEDIUMWP2Speed Faster – Optimize PageSpeed Insights Score 90-100 <= 1.0.1 - Improper Authorization due to use of Hardcoded CredentialsEPSS 0.4%CVE-2025-28230CRITICALIncorrect access control in JMBroadcast JMB0150 Firmware v1.0 allows attackers to access hardcoded administrator credentials.EPSS 0.4%CVE-2024-0390MEDIUMHard-coded credentials in iZZi connect applicationEPSS 0.4%CVE-2023-33836MEDIUMIBM Security Verify Governance information disclosureEPSS 0.4%CVE-2023-37857LOWPHOENIX CONTACT: Use of Hard-coded Credentials in WP 6xxx Web panelsEPSS 0.4%CVE-2026-42869CRITICALSOCFortress CoPilot: Hardcoded JWT secret allows unauthenticated full admin compromise and lateral movement into all integrated SOC toolsEPSS 0.4%CVE-2025-45813CRITICALENENSYS IPGuard v2 2.10.0 was discovered to contain hardcoded credentials.EPSS 0.4%