Common Weakness Enumeration

CWE-321

Allowed

Use of Hard-coded Cryptographic Key

Abstraction: Variant · Status: Draft

The product uses a hard-coded, unchangeable cryptographic key.

503 vulnerabilities reference this CWE, most recent first.

CVE-2026-11347 (GCVE-0-2026-11347)

Vulnerability from cvelistv5 – Published: 2026-06-05 10:18 – Updated: 2026-06-05 20:22
VLAI
Title
Hardcoded Cryptographic Keys and Weak IV Generation in linqi
Summary
The linqi application contains hardcoded cryptographic keys. Additionally, the application uses a weak algorithm with a limited ASCII charset to dynamically generate Initialization Vectors (IVs) for AES/CBC encryption, making known-plaintext attacks feasible. An attacker with local access can leverage these vulnerabilities to decrypt sensitive obfuscated strings, including ConnectionString values containing database credentials from appsettings.json.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-321 - Use of Hard-coded Cryptographic Key
  • CWE-338 - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Assigner
References
Impacted products
Vendor Product Version
linqi GmbH linqi Affected: 0 , ≤ 1.4.8.5 (custom)
Create a notification for this product.
Credits
Ianis BERNARD from NATO Cyber Security Centre (NCSC)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-11347",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-05T20:22:15.334464Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-05T20:22:25.302Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "linqi",
          "vendor": "linqi GmbH",
          "versions": [
            {
              "lessThanOrEqual": "1.4.8.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Ianis BERNARD from NATO Cyber Security Centre (NCSC)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe linqi application contains hardcoded cryptographic keys. Additionally, the application uses a weak algorithm with a limited ASCII charset to dynamically generate Initialization Vectors (IVs) for AES/CBC encryption, making known-plaintext attacks feasible. An attacker with local access can leverage these vulnerabilities to decrypt sensitive obfuscated strings, including ConnectionString values containing database credentials from appsettings.json.\u003c/p\u003e"
            }
          ],
          "value": "The linqi application contains hardcoded cryptographic keys. Additionally, the application uses a weak algorithm with a limited ASCII charset to dynamically generate Initialization Vectors (IVs) for AES/CBC encryption, making known-plaintext attacks feasible. An attacker with local access can leverage these vulnerabilities to decrypt sensitive obfuscated strings, including ConnectionString values containing database credentials from appsettings.json."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "CWE-321: Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-338",
              "description": "CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-05T11:51:48.757Z",
        "orgId": "86c47df7-7d28-48da-920a-6423c52fd3da",
        "shortName": "linqi"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://linqi.help/en/reference/security/security-advisories/#security-advisory-hardcoded-cryptographic-keys-and-weak-iv-generation-in-linqi"
        }
      ],
      "title": "Hardcoded Cryptographic Keys and Weak IV Generation in linqi"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "86c47df7-7d28-48da-920a-6423c52fd3da",
    "assignerShortName": "linqi",
    "cveId": "CVE-2026-11347",
    "datePublished": "2026-06-05T10:18:35.703Z",
    "dateReserved": "2026-06-05T08:52:47.208Z",
    "dateUpdated": "2026-06-05T20:22:25.302Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-9770 (GCVE-0-2026-9770)

Vulnerability from cvelistv5 – Published: 2026-07-15 00:21 – Updated: 2026-07-15 12:38
VLAI
Title
Hardcoded Cryptographic Key Information Disclosure Vulnerability on TP-Link Kasa EC70 and EC71
Summary
Kasa EC71 v4 and EC70 v4 firmware contains a static cryptographic private key stored in a read-only filesystem that is shared across devices.  An attacker with access to the firmware image can extract the embedded key.  Successful exploitation may allow an unauthenticated attacker on the same network to use this key in the web management service, compromising the confidentiality of encrypted communications. This may enable passive decryption of traffic or active man-in-the-middle (MITM) attacks
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-321 - Use of hard-coded cryptographic key
Assigner
Impacted products
Vendor Product Version
TP-Link Systems Inc. Kasa EC71 v4 Affected: 0 , < 2.4.0 Build 20260520 rel.4191 (custom)
Create a notification for this product.
TP-Link Systems Inc. Kasa EC70 v4 Affected: 0 , < 2.4.0 Build 20260520 rel.4191 (custom)
Create a notification for this product.
Credits
Christopher Childress
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-9770",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-15T12:37:44.275721Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-15T12:38:03.180Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Kasa EC71 v4",
          "vendor": "TP-Link Systems Inc.",
          "versions": [
            {
              "lessThan": "2.4.0 Build 20260520 rel.4191",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Kasa EC70 v4",
          "vendor": "TP-Link Systems Inc.",
          "versions": [
            {
              "lessThan": "2.4.0 Build 20260520 rel.4191",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Christopher Childress"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eKasa EC71 v4 and EC70 v4 firmware contains a static cryptographic private key stored in a read-only filesystem\nthat is shared across devices.\u0026nbsp; An\nattacker with access to the firmware image can extract the embedded key.\u0026nbsp; \u003c/p\u003e\u003cp\u003e\n\n\u003c/p\u003e\u003cp\u003eSuccessful\nexploitation may allow an unauthenticated attacker on the same network to use\nthis key in the web management service, compromising the confidentiality of\nencrypted communications. This may enable passive decryption of traffic or\nactive man-in-the-middle (MITM) attacks\u003c/p\u003e"
            }
          ],
          "value": "Kasa EC71 v4 and EC70 v4 firmware contains a static cryptographic private key stored in a read-only filesystem\nthat is shared across devices.\u00a0 An\nattacker with access to the firmware image can extract the embedded key.\u00a0 \n\n\n\n\n\n\n\n\n\nSuccessful\nexploitation may allow an unauthenticated attacker on the same network to use\nthis key in the web management service, compromising the confidentiality of\nencrypted communications. This may enable passive decryption of traffic or\nactive man-in-the-middle (MITM) attacks"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-474",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-474 Signature Spoofing by Key Theft"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "CWE-321 Use of hard-coded cryptographic key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-15T00:21:06.126Z",
        "orgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
        "shortName": "TPLink"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.tp-link.com/en/support/download/ec71/v4/#Firmware-Release-Notes"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.tp-link.com/us/support/download/ec71/v4/#Firmware-Release-Notes"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.tp-link.com/us/support/download/ec70/v4/#Firmware-Release-Notes"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.tp-link.com/en/support/download/ec70/v4/#Firmware-Release-Notes"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.tp-link.com/us/support/faq/5192/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Hardcoded Cryptographic Key Information Disclosure Vulnerability on TP-Link Kasa EC70 and EC71",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
    "assignerShortName": "TPLink",
    "cveId": "CVE-2026-9770",
    "datePublished": "2026-07-15T00:21:06.126Z",
    "dateReserved": "2026-05-27T22:00:46.491Z",
    "dateUpdated": "2026-07-15T12:38:03.180Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-9260 (GCVE-0-2026-9260)

Vulnerability from cvelistv5 – Published: 2026-06-15 23:38 – Updated: 2026-06-16 12:41
VLAI
Summary
Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-321 - Use of hard-coded cryptographic key
Assigner
Credits
This issue was discovered by Ryan Hausknecht (@haus3c)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-9260",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-16T12:41:33.426171Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-16T12:41:43.181Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "EOS Network Setting Tool for Windows",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "1.5.0 or earlier"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "EOS Network Setting Tool for macOS",
          "vendor": "Canon Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "1.5.0 or earlier"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "This issue was discovered by Ryan Hausknecht (@haus3c)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
            }
          ],
          "value": "Use of hard-coded cryptographic keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier"
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "CWE-321 Use of hard-coded cryptographic key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-15T23:38:29.951Z",
        "orgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
        "shortName": "Canon"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://psirt.canon/advisory-information/cp2026-005/"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://canon.jp/support/support-info/260615vulnerability-response"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.usa.canon.com/about-us/to-our-customers/cpa2026-005-vulnerability-remediation-for-eos-network-setting-tool"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.canon-europe.com/support/product-security/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f98c90f0-e9bd-4fa7-911b-51993f3571fd",
    "assignerShortName": "Canon",
    "cveId": "CVE-2026-9260",
    "datePublished": "2026-06-15T23:38:29.951Z",
    "dateReserved": "2026-05-21T23:14:51.893Z",
    "dateUpdated": "2026-06-16T12:41:43.181Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-9220 (GCVE-0-2026-9220)

Vulnerability from cvelistv5 – Published: 2026-06-25 23:13 – Updated: 2026-06-26 12:36
VLAI
Title
Setracker2 Children's Smartwatch Ecosystem Use of hard-coded cryptographic key
Summary
Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior encrypts requests between the watch and its backend with static hardcoded AES keys and initialization vectors. This allows an attacker to decrypt Setracker2 watch traffic.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-321 - Use of hard-coded cryptographic key
Assigner
Credits
Huancheng Hu of Hasso Plattner Institute reported these vulnerabilities to CISA, with support from Prof. Christian Doerr.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-9220",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-26T12:36:44.287025Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-26T12:36:54.428Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Setracker2 Parental Control App (Android) package com.tgelec.setracker",
          "vendor": "Shenzhen i365-Tech Co. Ltd.",
          "versions": [
            {
              "lessThanOrEqual": "3.1.5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Huancheng Hu of Hasso Plattner Institute reported these vulnerabilities to CISA, with support from Prof. Christian Doerr."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior encrypts requests between the watch and its backend with static hardcoded AES keys and initialization vectors. This allows an attacker to decrypt Setracker2 watch traffic."
            }
          ],
          "value": "Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior encrypts requests between the watch and its backend with static hardcoded AES keys and initialization vectors. This allows an attacker to decrypt Setracker2 watch traffic."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "other": {
            "content": {
              "options": [
                {
                  "Exploitation": "none"
                },
                {
                  "Automatable": "yes"
                },
                {
                  "Technical Impact": "partial"
                }
              ],
              "role": "CNA",
              "version": "2.0.3"
            },
            "type": "ssvc"
          },
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "CWE-321 Use of hard-coded cryptographic key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-25T23:13:41.275Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://raw.githubusercontent.com/cisagov/CSAF/refs/heads/develop/csaf_files/VA/white/2026/va-26-176-01.json"
        }
      ],
      "source": {
        "advisory": "va-26-176-01",
        "discovery": "EXTERNAL"
      },
      "title": "Setracker2 Children\u0027s Smartwatch Ecosystem Use of hard-coded cryptographic key",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The vendor was unresponsive in CISA\u0027s attempts to contact for coordination. No known remediations are available. Affected users are encouraged to contact the vendor or their local supplier."
            }
          ],
          "value": "The vendor was unresponsive in CISA\u0027s attempts to contact for coordination. No known remediations are available. Affected users are encouraged to contact the vendor or their local supplier."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2026-9220",
    "datePublished": "2026-06-25T23:13:41.275Z",
    "dateReserved": "2026-05-21T17:34:14.249Z",
    "dateUpdated": "2026-06-26T12:36:54.428Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-8739 (GCVE-0-2026-8739)

Vulnerability from cvelistv5 – Published: 2026-05-17 07:45 – Updated: 2026-05-18 20:09
VLAI
Title
Sanluan PublicCMS SafeConfigComponent.java getSignKey hard-coded key
Summary
A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the argument privatefile_key results in use of hard-coded cryptographic key . The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
SSVC
Exploitation: poc Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-321 - Use of Hard-coded Cryptographic Key
  • CWE-320 - Key Management Error
Assigner
References
URL Tags
https://vuldb.com/vuln/364327 vdb-entrytechnical-description
https://vuldb.com/vuln/364327/cti signaturepermissions-required
https://vuldb.com/submit/809917 third-party-advisory
https://vulnplus-note.wetolink.com/share/PCVUlOncmwTC exploit
Impacted products
Vendor Product Version
Sanluan PublicCMS Affected: 5.202506.d
    cpe:2.3:a:publiccms:publiccms:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
vulnplusbot (VulDB User) VulDB CNA Team
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-8739",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-18T20:08:32.296671Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-18T20:09:22.101Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:publiccms:publiccms:*:*:*:*:*:*:*:*"
          ],
          "product": "PublicCMS",
          "vendor": "Sanluan",
          "versions": [
            {
              "status": "affected",
              "version": "5.202506.d"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "vulnplusbot (VulDB User)"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "VulDB CNA Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the argument privatefile_key results in use of hard-coded cryptographic key\r . The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 5,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-320",
              "description": "Key Management Error",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-17T07:45:12.075Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-364327 | Sanluan PublicCMS SafeConfigComponent.java getSignKey hard-coded key",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/vuln/364327"
        },
        {
          "name": "VDB-364327 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/364327/cti"
        },
        {
          "name": "Submit #809917 | PublicCMS V5.202506.d Anonymous Private File Download",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/809917"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://vulnplus-note.wetolink.com/share/PCVUlOncmwTC"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-05-16T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-05-16T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-05-16T12:41:41.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Sanluan PublicCMS SafeConfigComponent.java getSignKey hard-coded key"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-8739",
    "datePublished": "2026-05-17T07:45:12.075Z",
    "dateReserved": "2026-05-16T10:36:27.832Z",
    "dateUpdated": "2026-05-18T20:09:22.101Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-8243 (GCVE-0-2026-8243)

Vulnerability from cvelistv5 – Published: 2026-05-10 09:00 – Updated: 2026-05-18 13:50
VLAI
Title
Industrial Application Software IAS Canias ERP JNLP Deployment Endpoint hard-coded key
Summary
A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This affects an unknown function of the component JNLP Deployment Endpoint. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be performed from remote. The vendor was contacted early about this disclosure but did not respond in any way.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-321 - Use of Hard-coded Cryptographic Key
  • CWE-320 - Key Management Error
Assigner
References
Impacted products
Vendor Product Version
Industrial Application Software IAS Canias ERP Affected: 8.03
    cpe:2.3:a:industrial_application_software_ias:canias_erp:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Bilal Güneş (HawkTrace) b1lal (VulDB User) b1lal (VulDB User) VulDB CNA Team
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-8243",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-11T15:08:45.556151Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-11T15:08:54.692Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:industrial_application_software_ias:canias_erp:*:*:*:*:*:*:*:*"
          ],
          "modules": [
            "JNLP Deployment Endpoint"
          ],
          "product": "Canias ERP",
          "vendor": "Industrial Application Software IAS",
          "versions": [
            {
              "status": "affected",
              "version": "8.03"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Bilal G\u00fcne\u015f (HawkTrace)"
        },
        {
          "lang": "en",
          "type": "reporter",
          "value": "b1lal (VulDB User)"
        },
        {
          "lang": "en",
          "type": "analyst",
          "value": "b1lal (VulDB User)"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "VulDB CNA Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This affects an unknown function of the component JNLP Deployment Endpoint. Executing a manipulation can lead to use of hard-coded cryptographic key\r . The attack may be performed from remote. The vendor was contacted early about this disclosure but did not respond in any way."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:X/RC:X",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:X/RC:X",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N/E:ND/RL:ND/RC:ND",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-320",
              "description": "Key Management Error",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-18T13:50:11.265Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-362459 | Industrial Application Software IAS Canias ERP JNLP Deployment Endpoint hard-coded key",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/vuln/362459"
        },
        {
          "name": "VDB-362459 | CTI Indicators (IOB, IOC, TTP)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/362459/cti"
        },
        {
          "name": "Submit #808296 | Industrial Application Software - IAS Canias ERP 8.03-- Use of Hard-coded Cryptographic Key (CWE-321)",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/808296"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://hawktrace.com/blog/caniaserp"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-05-09T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-05-09T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-05-18T15:52:15.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Industrial Application Software IAS Canias ERP JNLP Deployment Endpoint hard-coded key"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-8243",
    "datePublished": "2026-05-10T09:00:12.301Z",
    "dateReserved": "2026-05-09T16:33:15.982Z",
    "dateUpdated": "2026-05-18T13:50:11.265Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-7306 (GCVE-0-2026-7306)

Vulnerability from cvelistv5 – Published: 2026-04-28 19:30 – Updated: 2026-04-30 12:58
VLAI
Title
Xuxueli xxl-job OpenAPI Endpoint OpenApiController.java hard-coded key
Summary
A security vulnerability has been detected in Xuxueli xxl-job up to 3.3.2. The impacted element is an unknown function of the file xxl-job-admin/src/main/java/com/xxl/job/admin/scheduler/openapi/OpenApiController.java of the component OpenAPI Endpoint. Such manipulation of the argument default_token leads to use of hard-coded cryptographic key . It is possible to launch the attack remotely. A high complexity level is associated with this attack. The exploitability is regarded as difficult. The exploit has been disclosed publicly and may be used.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-321 - Use of Hard-coded Cryptographic Key
  • CWE-320 - Key Management Error
Assigner
References
Impacted products
Vendor Product Version
Xuxueli xxl-job Affected: 3.3.0
Affected: 3.3.1
Affected: 3.3.2
    cpe:2.3:a:xuxueli:xxl-job:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
larlarua (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-7306",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-30T12:57:53.118222Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-30T12:58:07.137Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:xuxueli:xxl-job:*:*:*:*:*:*:*:*"
          ],
          "modules": [
            "OpenAPI Endpoint"
          ],
          "product": "xxl-job",
          "vendor": "Xuxueli",
          "versions": [
            {
              "status": "affected",
              "version": "3.3.0"
            },
            {
              "status": "affected",
              "version": "3.3.1"
            },
            {
              "status": "affected",
              "version": "3.3.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "larlarua (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A security vulnerability has been detected in Xuxueli xxl-job up to 3.3.2. The impacted element is an unknown function of the file xxl-job-admin/src/main/java/com/xxl/job/admin/scheduler/openapi/OpenApiController.java of the component OpenAPI Endpoint. Such manipulation of the argument default_token leads to use of hard-coded cryptographic key\r . It is possible to launch the attack remotely. A high complexity level is associated with this attack. The exploitability is regarded as difficult. The exploit has been disclosed publicly and may be used."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:C",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 5.1,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-320",
              "description": "Key Management Error",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-28T19:30:13.749Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-359961 | Xuxueli xxl-job OpenAPI Endpoint OpenApiController.java hard-coded key",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/vuln/359961"
        },
        {
          "name": "VDB-359961 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/359961/cti"
        },
        {
          "name": "Submit #803077 | xuxueli https://github.com/xuxueli/xxl-job v3.3.2 Authorization Bypass",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/803077"
        },
        {
          "tags": [
            "exploit",
            "issue-tracking"
          ],
          "url": "https://github.com/xuxueli/xxl-job/issues/3938"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/xuxueli/xxl-job/issues/3938#issuecomment-4149938881"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://github.com/xuxueli/xxl-job/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-04-28T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-04-28T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-04-28T13:50:29.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Xuxueli xxl-job OpenAPI Endpoint OpenApiController.java hard-coded key"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-7306",
    "datePublished": "2026-04-28T19:30:13.749Z",
    "dateReserved": "2026-04-28T11:45:16.427Z",
    "dateUpdated": "2026-04-30T12:58:07.137Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-7018 (GCVE-0-2026-7018)

Vulnerability from cvelistv5 – Published: 2026-04-26 03:30 – Updated: 2026-04-27 17:02
VLAI
Title
Datavane Datavines JWT Token TokenManager.java hard-coded key
Summary
A vulnerability was determined in Datavane Datavines up to 13607645e14a4982468cfdbcf75c85cde63bae71. The affected element is an unknown function of the file datavines-core/src/main/java/io/datavines/core/utils/TokenManager.java of the component JWT Token Handler. Executing a manipulation of the argument tokenSecret can lead to use of hard-coded cryptographic key . The attack can be executed remotely. The attack requires a high level of complexity. The exploitability is described as difficult. The exploit has been publicly disclosed and may be utilized. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. This patch is called e540d6dc04e2e6ad11907fb655f3728a13e7b939. It is advisable to implement a patch to correct this issue. The project was informed of the problem early through a pull request but has not reacted yet.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-321 - Use of Hard-coded Cryptographic Key
  • CWE-320 - Key Management Error
Assigner
Impacted products
Vendor Product Version
Datavane Datavines Affected: 13607645e14a4982468cfdbcf75c85cde63bae71
Create a notification for this product.
Credits
anch0r (VulDB User) VulDB CNA Team
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-7018",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-27T17:02:13.330526Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-27T17:02:44.468Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "JWT Token Handler"
          ],
          "product": "Datavines",
          "vendor": "Datavane",
          "versions": [
            {
              "status": "affected",
              "version": "13607645e14a4982468cfdbcf75c85cde63bae71"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "anch0r (VulDB User)"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "VulDB CNA Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was determined in Datavane Datavines up to 13607645e14a4982468cfdbcf75c85cde63bae71. The affected element is an unknown function of the file datavines-core/src/main/java/io/datavines/core/utils/TokenManager.java of the component JWT Token Handler. Executing a manipulation of the argument tokenSecret can lead to use of hard-coded cryptographic key\r . The attack can be executed remotely. The attack requires a high level of complexity. The exploitability is described as difficult. The exploit has been publicly disclosed and may be utilized. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. This patch is called e540d6dc04e2e6ad11907fb655f3728a13e7b939. It is advisable to implement a patch to correct this issue. The project was informed of the problem early through a pull request but has not reacted yet."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 5.1,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-320",
              "description": "Key Management Error",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-26T03:30:20.576Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-359597 | Datavane Datavines JWT Token TokenManager.java hard-coded key",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/vuln/359597"
        },
        {
          "name": "VDB-359597 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/359597/cti"
        },
        {
          "name": "Submit #797305 | datavane datavanes \u003c= 1.0.0-SNAPSHOT Improper Authentication",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/797305"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/datavane/datavines/issues/580"
        },
        {
          "tags": [
            "issue-tracking",
            "patch"
          ],
          "url": "https://github.com/datavane/datavines/pull/579"
        },
        {
          "tags": [
            "exploit",
            "issue-tracking"
          ],
          "url": "https://github.com/datavane/datavines/issues/580#issue-4206839649"
        },
        {
          "tags": [
            "issue-tracking",
            "patch"
          ],
          "url": "https://github.com/datavane/datavines/pull/579/changes/e540d6dc04e2e6ad11907fb655f3728a13e7b939"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://github.com/datavane/datavines/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-04-25T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-04-25T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-04-25T12:37:25.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Datavane Datavines JWT Token TokenManager.java hard-coded key"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-7018",
    "datePublished": "2026-04-26T03:30:20.576Z",
    "dateReserved": "2026-04-25T10:32:08.296Z",
    "dateUpdated": "2026-04-27T17:02:44.468Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-6787 (GCVE-0-2026-6787)

Vulnerability from cvelistv5 – Published: 2026-05-06 15:46 – Updated: 2026-05-06 16:11
VLAI
Title
Usage of a hard-coded cryptographic key in WatchGuard Agent allows inclusion of code into existing process
Summary
Use of Hard-coded Cryptographic Key vulnerability in WatchGuard Agent on Windows allows Inclusion of Code in Existing Process.This issue affects WatchGuard Agent: before 1.25.03.0000.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
Impacted products
Vendor Product Version
WatchGuard WatchGuard Agent Affected: 0 , < 1.25.03.0000 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-6787",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-06T16:11:48.734253Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-06T16:11:58.312Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows"
          ],
          "product": "WatchGuard Agent",
          "vendor": "WatchGuard",
          "versions": [
            {
              "lessThan": "1.25.03.0000",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:watchguard:single_watchguard_agent:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "1.25.03.0000",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Use of Hard-coded Cryptographic Key vulnerability in WatchGuard Agent on Windows allows Inclusion of Code in Existing Process.\u003cp\u003eThis issue affects\u0026nbsp;WatchGuard Agent: before 1.25.03.0000.\u003c/p\u003e"
            }
          ],
          "value": "Use of Hard-coded Cryptographic Key vulnerability in WatchGuard Agent on Windows allows Inclusion of Code in Existing Process.This issue affects\u00a0WatchGuard Agent: before 1.25.03.0000."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-640",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-640 Inclusion of Code in Existing Process"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "CWE-321 Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-06T15:46:26.104Z",
        "orgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
        "shortName": "WatchGuard"
      },
      "references": [
        {
          "url": "https://www.watchguard.com/wgrd-psirt/advisory/WGSA-2026-00013"
        }
      ],
      "source": {
        "defect": [
          "AETHER-11836"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Usage of a hard-coded cryptographic key in WatchGuard Agent allows inclusion of code into existing process",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
    "assignerShortName": "WatchGuard",
    "cveId": "CVE-2026-6787",
    "datePublished": "2026-05-06T15:46:26.104Z",
    "dateReserved": "2026-04-21T13:21:17.555Z",
    "dateUpdated": "2026-05-06T16:11:58.312Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-6611 (GCVE-0-2026-6611)

Vulnerability from cvelistv5 – Published: 2026-04-20 06:00 – Updated: 2026-04-20 16:00
VLAI
Title
liangliangyy DjangoBlog File Upload Endpoint settings.py hard-coded key
Summary
A vulnerability was found in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the component File Upload Endpoint. Performing a manipulation of the argument SECRET_KEY results in use of hard-coded cryptographic key . Remote exploitation of the attack is possible. The attack's complexity is rated as high. The exploitability is reported as difficult. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-321 - Use of Hard-coded Cryptographic Key
  • CWE-320 - Key Management Error
Assigner
References
URL Tags
https://vuldb.com/vuln/358246 vdb-entrytechnical-description
https://vuldb.com/vuln/358246/cti signaturepermissions-required
https://vuldb.com/submit/790313 third-party-advisory
https://github.com/3em0/cve_repo/blob/main/Django… exploit
Impacted products
Credits
Dem0 (VulDB User) VulDB CNA Team
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-6611",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-20T15:59:49.180946Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-20T16:00:23.582Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "File Upload Endpoint"
          ],
          "product": "DjangoBlog",
          "vendor": "liangliangyy",
          "versions": [
            {
              "status": "affected",
              "version": "2.1.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Dem0 (VulDB User)"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "VulDB CNA Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the component File Upload Endpoint. Performing a manipulation of the argument SECRET_KEY results in use of hard-coded cryptographic key\r . Remote exploitation of the attack is possible. The attack\u0027s complexity is rated as high. The exploitability is reported as difficult. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 2.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 2.6,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-320",
              "description": "Key Management Error",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-20T06:00:18.066Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-358246 | liangliangyy DjangoBlog File Upload Endpoint settings.py hard-coded key",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/vuln/358246"
        },
        {
          "name": "VDB-358246 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/358246/cti"
        },
        {
          "name": "Submit #790313 | liangliangyy DjangoBlog \u003c= 2.1.0.0 Security Misconfiguration + Hardcoded Credentials",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/790313"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/3em0/cve_repo/blob/main/DjangoBlog/Vuln-11-Weak-File-Upload-Auth.md"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-04-19T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-04-19T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-04-19T18:11:29.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "liangliangyy DjangoBlog File Upload Endpoint settings.py hard-coded key"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-6611",
    "datePublished": "2026-04-20T06:00:18.066Z",
    "dateReserved": "2026-04-19T16:06:15.273Z",
    "dateUpdated": "2026-04-20T16:00:23.582Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Mitigation
Architecture and Design

Prevention schemes mirror that of hard-coded password storage.

No CAPEC attack patterns related to this CWE.