| Severity | Description | ||||||
|---|---|---|---|---|---|---|---|
| CVE-2026-57302 | Medium | 4.3 v3 | 0.2% | - | -No fix available yet | 2026-06-24 | Jenkins FitNesse Plugin 1.36 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Extended Read permission or access to the Jenkins controller file system. |
| CVE-2026-50268 | Low | 1.9 v3 | 0.0% | - | -No fix available yet | 2026-06-17 | Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Configuration.Encryption 4.0.0 through 4.1.0, configuring `encrypt:rsa:algorithm=OAEP` does not enable OAEP encryption. Due to an incorrect BouncyCastle transformation string, the `OAEP` setting selects PKCS#1 v1.5, which is the same algorithm as the `DEFAULT` setting. Steeltoe.Configuration.Encryption version 4.2.0 patches the issue. |
| CVE-2024-39575 | High | 7.4 v3 | 0.1% | - | -No fix available yet | 2026-06-16 | update_disk_psu_baseline.sh requires password in plain text |
| CVE-2024-45636 | Medium | 4.1 v3 | 0.1% | - | Fix available | 2026-06-11 | IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user. |
| CVE-2026-36174 | Medium | 4.6 v3 | 0.2% | - | -No fix available yet | 2026-06-04 | GNCC GP5 v7.1.76 was discovered to store sensitive wireless network information in plaintext during routine operations to the serial console. This issue allows physically-proximate attackers to obtain sensitive information, including network credentials, via monitoring the serial UART interface. |
| CVE-2018-25396 | High | 7.5 v3 | 0.3% | - | -No fix available yet | 2026-05-29 | Heatmiser Wifi Thermostat 1.7 contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve administrative credentials by accessing the networkSetup.htm page. Attackers can request the networkSetup.htm endpoint and extract plaintext username and password values from HTML form fields to gain administrative access to the thermostat. |
| CVE-2026-42151 | High | 7.5 v3 | 0.3% | - | Fix available | 2026-05-07 | Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the client_secret field in the Azure AD remote write OAuth configuration (storage/remote/azuread) was typed as string instead of Secret. Prometheus redacts fields of type Secret when serving the configuration via the /-/config HTTP API endpoint. Because the field was a plain string, the Azure OAuth client secret was exposed in plaintext to any user or process with access to that endpoint. This issue has been patched in versions 3.5.3 and 3.11.3. |
| CVE-2026-6500 | Medium | 4.8 v4 | 0.1% | - | -No fix available yet | 2026-05-04 | Plaintext storage of a password vulnerability in ILM Informatique OpenConcerto allows Retrieve Embedded Sensitive Data. This issue affects OpenConcerto: 1.7.5. |
| CVE-2025-36335 | Medium | 6.2 v3 | 0.1% | - | -No fix available yet | 2026-04-30 | IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.3.0, 5.3.1 stores user credentials in plain text which can be read by a local user. |
| CVE-2026-6597 | Low | 2.7 v3 | 0.3% | - | -No fix available yet | 2026-04-20 | A weakness has been identified in langflow-ai langflow up to 1.8.3. Impacted is the function remove_api_keys/has_api_terms of the file src/backend/base/langflow/api/utils/core.py of the component Flow Using API. This manipulation causes unprotected storage of credentials. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. |
| CVE-2025-15624 | High | 7.5 v3 | 0.4% | - | -No fix available yet | 2026-04-17 | Plaintext Storage of a Password vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server. In a setup where OpenID is used as the primary method of authentication to authenticate to Sparx EA, Pro Cloud Server creates local passwords to the users and stores them in plaintext. |
| CVE-2021-47961 | High | 8.1 v3 | 0.3% | - | Fix available | 2026-04-10 | A plaintext storage of a password vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote attackers to access or influence the user's PIN code due to insecure storage. This may lead to unauthorized VPN configuration and potential interception of subsequent VPN traffic when combined with user interaction. |
| CVE-2026-35556 | High | 7.5 v3 | 0.3% | - | -No fix available yet | 2026-04-09 | OpenPLC_V3 is vulnerable to a Plaintext Storage of a Password vulnerability that could allow an attacker to retrieve credentials and access sensitive information. |
| CVE-2026-33216 | High | 8.6 v3 | 0.4% | - | Fix available | 2026-04-02 | NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, for MQTT deployments using usercodes/passwords: MQTT passwords are incorrectly classified as a non-authenticating identity statement (JWT) and exposed via monitoring endpoints. Versions 2.11.14 and 2.12.6 contain a fix. As a workaround, ensure monitoring end-points are adequately secured. Best practice remains to not expose the monitoring endpoint to the Internet or other untrusted network users. |
| CVE-2025-36258 | High | 7.1 v3 | 0.2% | - | -No fix available yet | 2026-03-25 | IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 product stores user credentials and other sensitive information in plain text which can be read by a local user. |
| CVE-2026-31850 | Medium | 4.9 v3 | 0.2% | - | -No fix available yet | 2026-03-23 | Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 stores sensitive information, including administrative credentials and WiFi pre-shared keys, in plaintext within exported configuration backup files. These backup files can be obtained through legitimate functionality or other weaknesses and do not apply encryption or hashing, allowing attackers to directly extract sensitive information. |
| CVE-2026-4251 | Low | 2.5 v3 | 0.1% | - | -No fix available yet | 2026-03-16 | A vulnerability was determined in CityData CityChat up to 0.12.6 on Android. Affected by this vulnerability is an unknown functionality of the file resources/assets/flutter_assets/assets/credentials.json of the component ai.citydata.citychat. Executing a manipulation can lead to unprotected storage of credentials. The attack requires local access. A high complexity level is associated with this attack. The exploitation appears to be difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. |
| CVE-2026-4250 | Low | 2.5 v3 | 0.1% | - | -No fix available yet | 2026-03-16 | A vulnerability was found in Albert Sağlık Hizmetleri ve Ticaret Albert Health up to 1.7.3 on Android. Affected is an unknown function of the file resources/assets/service-account.json of the component Google Cloud Service Account Key Handler. Performing a manipulation results in unprotected storage of credentials. The attack requires a local approach. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. |
| CVE-2026-4243 | Low | 2.5 v3 | 0.1% | - | -No fix available yet | 2026-03-16 | A weakness has been identified in La Nacion App 10.2.25 on Android. This impacts an unknown function of the file source/app/lanacion/clublanacion/BuildConfig.java of the component app.lanacion.activity. Executing a manipulation of the argument API_KEY_WEBSOCKET_CV can lead to unprotected storage of credentials. The attack can only be executed locally. A high complexity level is associated with this attack. The exploitability is said to be difficult. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. |
| CVE-2026-4242 | Low | 2.5 v3 | 0.1% | - | -No fix available yet | 2026-03-16 | A security flaw has been discovered in BabyChakra Pregnancy & Parenting App up to 5.4.3.0 on Android. This affects an unknown function of the file file app/babychakra/babychakra/Configuration.java of the component app.babychakra.babychakra. Performing a manipulation of the argument SEGMENT_WRITE_KEY results in unprotected storage of credentials. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitability is reported as difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. |
| CVE-2026-4217 | Low | 2.5 v3 | 0.1% | - | -No fix available yet | 2026-03-16 | A security vulnerability has been detected in XREAL Nebula App up to 3.2.1 on Android. This impacts an unknown function of the file in ai/nreal/nebula/flutterPlugin/CloudStoragePlugin.java of the component ai.nreal.nebula.universal. Such manipulation of the argument accessKey/secretAccessKey/securityToken leads to unprotected storage of credentials. The attack can only be performed from a local environment. The attack requires a high level of complexity. The exploitability is said to be difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. |
| CVE-2026-22285 | Medium | 4.4 v3 | 0.1% | - | Fix available | 2026-03-04 | Dell Device Management Agent (DDMA), versions prior to 26.02, contain a Plaintext Storage of Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized Access. |
| CVE-2024-55026 | Critical | 9.8 v3 | 0.3% | - | -No fix available yet | 2026-03-03 | An issue in the reset_pj.cgi endpoint of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to execute arbitrary commands via supplying a crafted GET request. |
| CVE-2026-28360 | Medium | 5.3 v3 | 0.2% | - | Fix available | 2026-03-02 | NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, shared view passwords were stored in plaintext in the database and compared using direct string equality. This issue has been patched in version 0.301.3. |
| CVE-2026-21660 | Critical | 9.8 v3 | 0.2% | - | -No fix available yet | 2026-02-27 | Hardcoded Email Credentials Saved as Plaintext in Firmware (CWE-256: Plaintext Storage of a Password) vulnerability in Frick Controls Quantum HD version 10.22 and prior lead to unauthorized access, exposure of sensitive information, and potential misuse or system compromise This issue affects Frick Controls Quantum HD version 10.22 and prior. |
| CVE-2025-36425 | Medium | 5.3 v3 | 0.2% | - | -No fix available yet | 2026-02-17 | IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 could allow an authenticated user to obtain sensitive information under specific HADR configuration. |
| CVE-2026-23797 | Medium | 4.9 v3 | 0.2% | - | -No fix available yet | 2026-02-05 | In Quick.Cart user passwords are stored in plaintext form. An attacker with high privileges can display users' password in user editing page. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.7 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable. |
| CVE-2020-37115 | Medium | 6.5 v3 | 0.3% | - | -No fix available yet | 2026-02-03 | GUnet OpenEclass 1.7.3 stores user credentials in plaintext, allowing administrators to view all registered users' usernames and passwords without encryption. This vulnerability exposes sensitive information and increases the risk of credential theft and unauthorized access. |
| CVE-2025-12680 | Medium | 4.9 v3 | 0.2% | - | Fix available | 2026-02-02 | Brocade SANnav before Brocade SANnav 2.4.0b logs database passwords in clear text in the standby SANnav server, after disaster recovery failover. The vulnerability could allow a remote authenticated attacker with admin privilege able to access the SANnav logs or the supportsave to read the database password. |
| CVE-2026-21417 | High | 7.0 v3 | 0.2% | - | Fix available | 2026-01-27 | Dell CloudBoost Virtual Appliance, versions prior to 19.14.0.0, contains a Plaintext Storage of Password vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. |
| CVE-2025-25051 | Medium | 6.1 v3 | 0.1% | - | -No fix available yet | 2026-01-22 | An attacker could decrypt sensitive data, impersonate legitimate users or devices, and potentially gain access to network resources for lateral attacks. |
| CVE-2025-15113 | Critical | 9.3 v3 | 0.4% | - | -No fix available yet | 2025-12-30 | Ksenia Security lares (legacy model) Home Automation version 1.6 contains an unprotected endpoint vulnerability that allows authenticated attackers to upload MPFS File System binary images. Attackers can exploit this vulnerability to overwrite flash program memory and potentially execute arbitrary code on the home automation system's web server. |
| CVE-2025-15128 | Medium | 5.3 v3 | 0.3% | - | -No fix available yet | 2025-12-28 | A vulnerability was detected in ZKTeco BioTime up to 9.0.3/9.0.4/9.5.2. This affects an unknown part of the file /base/safe_setting/ of the component Endpoint. Performing a manipulation of the argument backup_encryption_password_decrypt/export_encryption_password_decrypt results in unprotected storage of credentials. Remote exploitation of the attack is possible. The exploit is now public and may be used. Upgrading to version 9.0.6 is able to mitigate this issue. It is recommended to upgrade the affected component. The vendor confirms: "The mainstream version ZKBioTime V9.0.6 has fixed this vulnerability. Please update to the latest version as soon as possible. For the Middle East version BioTime 9.5.X, you can contact the local technical support to obtain the fix package." |
| CVE-2018-25130 | Medium | 6.2 v3 | 0.1% | - | -No fix available yet | 2025-12-24 | Beward Intercom 2.3.1 contains a credentials disclosure vulnerability that allows local attackers to access plain-text authentication credentials stored in an unencrypted database file. Attackers can read the BEWARD.INTERCOM.FDB file to extract usernames and passwords, enabling unauthorized access to IP cameras and door stations. |
| CVE-2025-66910 | Medium | 6.0 v3 | 0.2% | - | -No fix available yet | 2025-12-19 | Turms Server v0.10.0-SNAPSHOT and earlier contains a plaintext password storage vulnerability in the administrator authentication system. The BaseAdminService class caches administrator passwords in plaintext within AdminInfo objects to optimize authentication performance. Upon successful login, raw passwords are stored unencrypted in memory in the rawPassword field. Attackers with local system access can extract these passwords through memory dumps, heap analysis, or debugger attachment, bypassing bcrypt protection. |
| CVE-2025-65009 | Unscored | - | 0.2% | - | -No fix available yet | 2025-12-18 | In WODESYS WD-R608U router (also known as WDR122B V2.0 and WDR28) admin password is stored in configuration file as plaintext and can be obtained by unauthorized user by direct references to the resource in question. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version WDR28081123OV1.01 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable. |
| CVE-2024-42197 | Medium | 5.5 v3 | 0.1% | - | -No fix available yet | 2025-12-11 | HCL Workload Scheduler stores user credentials in plain text which can be read by a local user. |
| CVE-2025-14183 | Medium | 4.3 v3 | 0.2% | - | -No fix available yet | 2025-12-07 | A vulnerability was found in SGAI Space1 NAS N1211DS up to 1.0.915. This issue affects the function GET_FACTORY_INFO/GET_USER_INFO of the file /cgi-bin/JSONAPI of the component gsaiagent. The manipulation results in unprotected storage of credentials. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. |
| CVE-2025-56527 | High | 7.5 v3 | 0.4% | - | -No fix available yet | 2025-11-18 | Plaintext password storage in Kotaemon 0.11.0 in the client's localStorage. |
| CVE-2025-13221 | Medium | 5.3 v3 | 0.3% | - | -No fix available yet | 2025-11-15 | A weakness has been identified in Intelbras UnniTI 24.07.11. The affected element is an unknown function of the file /xml/sistema/usuarios.xml. Executing manipulation of the argument Usuario/Senha can lead to unprotected storage of credentials. The attack can be executed remotely. The exploit has been made available to the public and could be exploited. |
| CVE-2025-13187 | Medium | 5.3 v3 | 0.5% | - | -No fix available yet | 2025-11-14 | A security vulnerability has been detected in Intelbras ICIP 2.0.20. Affected is an unknown function of the file /xml/sistema/acessodeusuario.xml. Such manipulation of the argument NomeUsuario/SenhaAcess leads to unprotected storage of credentials. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. |
| CVE-2025-9982 | High | 7.5 v3 | 0.2% | - | -No fix available yet | 2025-11-14 | A vulnerability exists in QuickCMS version 6.8 where sensitive admin credentials are hardcoded in a configuration file and stored in plaintext. This flaw allows attackers with access to the source code or the server file system to retrieve authentication details, potentially leading to privilege escalation. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable. |
| CVE-2025-46366 | Medium | 6.7 v3 | 0.1% | - | Fix available | 2025-11-05 | Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user may exploit and gain parallel privilege escalation or access to the database to obtain confidential information. |
| CVE-2025-11193 | Medium | 5.5 v3 | 0.1% | - | -No fix available yet | 2025-11-03 | A potential vulnerability was reported in some Lenovo Tablets that could allow a local authenticated user or application to gain access to sensitive device specific information. |
| CVE-2025-36002 | Medium | 5.5 v3 | 0.1% | - | Fix available | 2025-10-16 | IBM Sterling B2B Integrator 6.2.0.0 through 6.2.0.5, and 6.2.1.0 and IBM Sterling File Gateway 6.2.0.0 through 6.2.0.5, and 6.2.1.0 stores user credentials in configuration files which can be read by a local user. |
| CVE-2025-61680 | Unscored | - | 0.3% | - | -No fix available yet | 2025-10-03 | Minecraft RCON Terminal is a VS Code extension that streamlines Minecraft server management. Versions 0.1.0 through 2.0.6 stores passwords using VS Code's configuration API which writes to settings.json in plaintext. This issue is fixed in version 2.1.0. |
| CVE-2025-34210 | Medium | 5.5 v3 | 0.1% | - | -No fix available yet | 2025-10-02 | Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SaaS deployments) store a large number of sensitive credentials (database passwords, MySQL root password, SaaS keys, Portainer admin password, etc.) in cleartext files that are world-readable. Any local user - or any process that can read the host filesystem - can retrieve all of these secrets in plain text, leading to credential theft and full compromise of the appliance. The vendor does not consider this to be a security vulnerability as this product "follows a shared responsibility model, where administrators are expected to configure persistent storage encryption." |
| CVE-2025-43938 | Medium | 5.0 v3 | 0.1% | - | Fix available | 2025-09-10 | Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to gain unauthorized access with privileges of the compromised account. |
| CVE-2025-46809 | Medium | 5.7 v3 | 0.2% | - | -No fix available yet | 2025-07-31 | A Plaintext Storage of a Password vulnerability in SUSE exposes the credentials for the HTTP proxy in the log files. This issue affects Container suse/manager/4.3/proxy-httpd:4.3.16.9.67.1: from ? before 4.3.33-150400.3.55.2; Container suse/manager/5.0/x86_64/proxy-httpd:5.0.5.7.23.1: from ? before 5.0.14-150600.4.17.1; Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1: from ? before 5.0.14-150600.4.17.1; Image SLES15-SP4-Manager-Proxy-4-3-BYOS: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS: from ? before 4.3.33-15 |
| CVE-2025-45702 | Medium | 6.5 v3 | 0.2% | - | -No fix available yet | 2025-07-24 | SoftPerfect Pty Ltd Connection Quality Monitor v1.1 was discovered to store all credentials in plaintext. |
- MediumCVSS 4.3 v3·EPSS 0.2%·No fix yet
Jenkins FitNesse Plugin 1.36 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Extended Read permission or access to the Jenkins controller file system.
Published 2026-06-24
- CVSS 1.9 v3·EPSS 0.0%·No fix yet
Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Configuration.Encryption 4.0.0 through 4.1.0, configuring `encrypt:rsa:algorithm=OAEP` does not enable OAEP encryption. Due to an incorrect BouncyCastle transformation string, the `OAEP` setting selects PKCS#1 v1.5, which is the same algorithm as the `DEFAULT` setting. Steeltoe.Configuration.Encryption version 4.2.0 patches the issue.
Published 2026-06-17
- HighCVSS 7.4 v3·EPSS 0.1%·No fix yet
update_disk_psu_baseline.sh requires password in plain text
Published 2026-06-16
- MediumCVSS 4.1 v3·EPSS 0.1%·Fix available
IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user.
Published 2026-06-11
- MediumCVSS 4.6 v3·EPSS 0.2%·No fix yet
GNCC GP5 v7.1.76 was discovered to store sensitive wireless network information in plaintext during routine operations to the serial console. This issue allows physically-proximate attackers to obtain sensitive information, including network credentials, via monitoring the serial UART interface.
Published 2026-06-04
- HighCVSS 7.5 v3·EPSS 0.3%·No fix yet
Heatmiser Wifi Thermostat 1.7 contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve administrative credentials by accessing the networkSetup.htm page. Attackers can request the networkSetup.htm endpoint and extract plaintext username and password values from HTML form fields to gain administrative access to the thermostat.
Published 2026-05-29
- HighCVSS 7.5 v3·EPSS 0.3%·Fix available
Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the client_secret field in the Azure AD remote write OAuth configuration (storage/remote/azuread) was typed as string instead of Secret. Prometheus redacts fields of type Secret when serving the configuration via the /-/config HTTP API endpoint. Because the field was a plain string, the Azure OAuth client secret was exposed in plaintext to any user or process with access to that endpoint. This issue has been patched in versions 3.5.3 and 3.11.3.
Published 2026-05-07
- MediumCVSS 4.8 v4·EPSS 0.1%·No fix yet
Plaintext storage of a password vulnerability in ILM Informatique OpenConcerto allows Retrieve Embedded Sensitive Data. This issue affects OpenConcerto: 1.7.5.
Published 2026-05-04
- MediumCVSS 6.2 v3·EPSS 0.1%·No fix yet
IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.3.0, 5.3.1 stores user credentials in plain text which can be read by a local user.
Published 2026-04-30
- CVSS 2.7 v3·EPSS 0.3%·No fix yet
A weakness has been identified in langflow-ai langflow up to 1.8.3. Impacted is the function remove_api_keys/has_api_terms of the file src/backend/base/langflow/api/utils/core.py of the component Flow Using API. This manipulation causes unprotected storage of credentials. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Published 2026-04-20
- HighCVSS 7.5 v3·EPSS 0.4%·No fix yet
Plaintext Storage of a Password vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server. In a setup where OpenID is used as the primary method of authentication to authenticate to Sparx EA, Pro Cloud Server creates local passwords to the users and stores them in plaintext.
Published 2026-04-17
- HighCVSS 8.1 v3·EPSS 0.3%·Fix available
A plaintext storage of a password vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote attackers to access or influence the user's PIN code due to insecure storage. This may lead to unauthorized VPN configuration and potential interception of subsequent VPN traffic when combined with user interaction.
Published 2026-04-10
- HighCVSS 7.5 v3·EPSS 0.3%·No fix yet
OpenPLC_V3 is vulnerable to a Plaintext Storage of a Password vulnerability that could allow an attacker to retrieve credentials and access sensitive information.
Published 2026-04-09
- HighCVSS 8.6 v3·EPSS 0.4%·Fix available
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, for MQTT deployments using usercodes/passwords: MQTT passwords are incorrectly classified as a non-authenticating identity statement (JWT) and exposed via monitoring endpoints. Versions 2.11.14 and 2.12.6 contain a fix. As a workaround, ensure monitoring end-points are adequately secured. Best practice remains to not expose the monitoring endpoint to the Internet or other untrusted network users.
Published 2026-04-02
- HighCVSS 7.1 v3·EPSS 0.2%·No fix yet
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 product stores user credentials and other sensitive information in plain text which can be read by a local user.
Published 2026-03-25
- MediumCVSS 4.9 v3·EPSS 0.2%·No fix yet
Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 stores sensitive information, including administrative credentials and WiFi pre-shared keys, in plaintext within exported configuration backup files. These backup files can be obtained through legitimate functionality or other weaknesses and do not apply encryption or hashing, allowing attackers to directly extract sensitive information.
Published 2026-03-23
- CVSS 2.5 v3·EPSS 0.1%·No fix yet
A vulnerability was determined in CityData CityChat up to 0.12.6 on Android. Affected by this vulnerability is an unknown functionality of the file resources/assets/flutter_assets/assets/credentials.json of the component ai.citydata.citychat. Executing a manipulation can lead to unprotected storage of credentials. The attack requires local access. A high complexity level is associated with this attack. The exploitation appears to be difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Published 2026-03-16
- CVSS 2.5 v3·EPSS 0.1%·No fix yet
A vulnerability was found in Albert Sağlık Hizmetleri ve Ticaret Albert Health up to 1.7.3 on Android. Affected is an unknown function of the file resources/assets/service-account.json of the component Google Cloud Service Account Key Handler. Performing a manipulation results in unprotected storage of credentials. The attack requires a local approach. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published 2026-03-16
- CVSS 2.5 v3·EPSS 0.1%·No fix yet
A weakness has been identified in La Nacion App 10.2.25 on Android. This impacts an unknown function of the file source/app/lanacion/clublanacion/BuildConfig.java of the component app.lanacion.activity. Executing a manipulation of the argument API_KEY_WEBSOCKET_CV can lead to unprotected storage of credentials. The attack can only be executed locally. A high complexity level is associated with this attack. The exploitability is said to be difficult. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Published 2026-03-16
- CVSS 2.5 v3·EPSS 0.1%·No fix yet
A security flaw has been discovered in BabyChakra Pregnancy & Parenting App up to 5.4.3.0 on Android. This affects an unknown function of the file file app/babychakra/babychakra/Configuration.java of the component app.babychakra.babychakra. Performing a manipulation of the argument SEGMENT_WRITE_KEY results in unprotected storage of credentials. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitability is reported as difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Published 2026-03-16
- CVSS 2.5 v3·EPSS 0.1%·No fix yet
A security vulnerability has been detected in XREAL Nebula App up to 3.2.1 on Android. This impacts an unknown function of the file in ai/nreal/nebula/flutterPlugin/CloudStoragePlugin.java of the component ai.nreal.nebula.universal. Such manipulation of the argument accessKey/secretAccessKey/securityToken leads to unprotected storage of credentials. The attack can only be performed from a local environment. The attack requires a high level of complexity. The exploitability is said to be difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published 2026-03-16
- MediumCVSS 4.4 v3·EPSS 0.1%·Fix available
Dell Device Management Agent (DDMA), versions prior to 26.02, contain a Plaintext Storage of Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized Access.
Published 2026-03-04
- CriticalCVSS 9.8 v3·EPSS 0.3%·No fix yet
An issue in the reset_pj.cgi endpoint of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to execute arbitrary commands via supplying a crafted GET request.
Published 2026-03-03
- MediumCVSS 5.3 v3·EPSS 0.2%·Fix available
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, shared view passwords were stored in plaintext in the database and compared using direct string equality. This issue has been patched in version 0.301.3.
Published 2026-03-02
- CriticalCVSS 9.8 v3·EPSS 0.2%·No fix yet
Hardcoded Email Credentials Saved as Plaintext in Firmware (CWE-256: Plaintext Storage of a Password) vulnerability in Frick Controls Quantum HD version 10.22 and prior lead to unauthorized access, exposure of sensitive information, and potential misuse or system compromise This issue affects Frick Controls Quantum HD version 10.22 and prior.
Published 2026-02-27
- MediumCVSS 5.3 v3·EPSS 0.2%·No fix yet
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 could allow an authenticated user to obtain sensitive information under specific HADR configuration.
Published 2026-02-17
- MediumCVSS 4.9 v3·EPSS 0.2%·No fix yet
In Quick.Cart user passwords are stored in plaintext form. An attacker with high privileges can display users' password in user editing page. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.7 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
Published 2026-02-05
- MediumCVSS 6.5 v3·EPSS 0.3%·No fix yet
GUnet OpenEclass 1.7.3 stores user credentials in plaintext, allowing administrators to view all registered users' usernames and passwords without encryption. This vulnerability exposes sensitive information and increases the risk of credential theft and unauthorized access.
Published 2026-02-03
- MediumCVSS 4.9 v3·EPSS 0.2%·Fix available
Brocade SANnav before Brocade SANnav 2.4.0b logs database passwords in clear text in the standby SANnav server, after disaster recovery failover. The vulnerability could allow a remote authenticated attacker with admin privilege able to access the SANnav logs or the supportsave to read the database password.
Published 2026-02-02
- HighCVSS 7.0 v3·EPSS 0.2%·Fix available
Dell CloudBoost Virtual Appliance, versions prior to 19.14.0.0, contains a Plaintext Storage of Password vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.
Published 2026-01-27
- MediumCVSS 6.1 v3·EPSS 0.1%·No fix yet
An attacker could decrypt sensitive data, impersonate legitimate users or devices, and potentially gain access to network resources for lateral attacks.
Published 2026-01-22
- CriticalCVSS 9.3 v3·EPSS 0.4%·No fix yet
Ksenia Security lares (legacy model) Home Automation version 1.6 contains an unprotected endpoint vulnerability that allows authenticated attackers to upload MPFS File System binary images. Attackers can exploit this vulnerability to overwrite flash program memory and potentially execute arbitrary code on the home automation system's web server.
Published 2025-12-30
- MediumCVSS 5.3 v3·EPSS 0.3%·No fix yet
A vulnerability was detected in ZKTeco BioTime up to 9.0.3/9.0.4/9.5.2. This affects an unknown part of the file /base/safe_setting/ of the component Endpoint. Performing a manipulation of the argument backup_encryption_password_decrypt/export_encryption_password_decrypt results in unprotected storage of credentials. Remote exploitation of the attack is possible. The exploit is now public and may be used. Upgrading to version 9.0.6 is able to mitigate this issue. It is recommended to upgrade the affected component. The vendor confirms: "The mainstream version ZKBioTime V9.0.6 has fixed this vulnerability. Please update to the latest version as soon as possible. For the Middle East version BioTime 9.5.X, you can contact the local technical support to obtain the fix package."
Published 2025-12-28
- MediumCVSS 6.2 v3·EPSS 0.1%·No fix yet
Beward Intercom 2.3.1 contains a credentials disclosure vulnerability that allows local attackers to access plain-text authentication credentials stored in an unencrypted database file. Attackers can read the BEWARD.INTERCOM.FDB file to extract usernames and passwords, enabling unauthorized access to IP cameras and door stations.
Published 2025-12-24
- MediumCVSS 6.0 v3·EPSS 0.2%·No fix yet
Turms Server v0.10.0-SNAPSHOT and earlier contains a plaintext password storage vulnerability in the administrator authentication system. The BaseAdminService class caches administrator passwords in plaintext within AdminInfo objects to optimize authentication performance. Upon successful login, raw passwords are stored unencrypted in memory in the rawPassword field. Attackers with local system access can extract these passwords through memory dumps, heap analysis, or debugger attachment, bypassing bcrypt protection.
Published 2025-12-19
- UnscoredCVSS -·EPSS 0.2%·No fix yet
In WODESYS WD-R608U router (also known as WDR122B V2.0 and WDR28) admin password is stored in configuration file as plaintext and can be obtained by unauthorized user by direct references to the resource in question. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version WDR28081123OV1.01 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
Published 2025-12-18
- MediumCVSS 5.5 v3·EPSS 0.1%·No fix yet
HCL Workload Scheduler stores user credentials in plain text which can be read by a local user.
Published 2025-12-11
- MediumCVSS 4.3 v3·EPSS 0.2%·No fix yet
A vulnerability was found in SGAI Space1 NAS N1211DS up to 1.0.915. This issue affects the function GET_FACTORY_INFO/GET_USER_INFO of the file /cgi-bin/JSONAPI of the component gsaiagent. The manipulation results in unprotected storage of credentials. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published 2025-12-07
- HighCVSS 7.5 v3·EPSS 0.4%·No fix yet
Plaintext password storage in Kotaemon 0.11.0 in the client's localStorage.
Published 2025-11-18
- MediumCVSS 5.3 v3·EPSS 0.3%·No fix yet
A weakness has been identified in Intelbras UnniTI 24.07.11. The affected element is an unknown function of the file /xml/sistema/usuarios.xml. Executing manipulation of the argument Usuario/Senha can lead to unprotected storage of credentials. The attack can be executed remotely. The exploit has been made available to the public and could be exploited.
Published 2025-11-15
- MediumCVSS 5.3 v3·EPSS 0.5%·No fix yet
A security vulnerability has been detected in Intelbras ICIP 2.0.20. Affected is an unknown function of the file /xml/sistema/acessodeusuario.xml. Such manipulation of the argument NomeUsuario/SenhaAcess leads to unprotected storage of credentials. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.
Published 2025-11-14
- HighCVSS 7.5 v3·EPSS 0.2%·No fix yet
A vulnerability exists in QuickCMS version 6.8 where sensitive admin credentials are hardcoded in a configuration file and stored in plaintext. This flaw allows attackers with access to the source code or the server file system to retrieve authentication details, potentially leading to privilege escalation. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
Published 2025-11-14
- MediumCVSS 6.7 v3·EPSS 0.1%·Fix available
Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user may exploit and gain parallel privilege escalation or access to the database to obtain confidential information.
Published 2025-11-05
- MediumCVSS 5.5 v3·EPSS 0.1%·No fix yet
A potential vulnerability was reported in some Lenovo Tablets that could allow a local authenticated user or application to gain access to sensitive device specific information.
Published 2025-11-03
- MediumCVSS 5.5 v3·EPSS 0.1%·Fix available
IBM Sterling B2B Integrator 6.2.0.0 through 6.2.0.5, and 6.2.1.0 and IBM Sterling File Gateway 6.2.0.0 through 6.2.0.5, and 6.2.1.0 stores user credentials in configuration files which can be read by a local user.
Published 2025-10-16
- UnscoredCVSS -·EPSS 0.3%·No fix yet
Minecraft RCON Terminal is a VS Code extension that streamlines Minecraft server management. Versions 0.1.0 through 2.0.6 stores passwords using VS Code's configuration API which writes to settings.json in plaintext. This issue is fixed in version 2.1.0.
Published 2025-10-03
- MediumCVSS 5.5 v3·EPSS 0.1%·No fix yet
Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SaaS deployments) store a large number of sensitive credentials (database passwords, MySQL root password, SaaS keys, Portainer admin password, etc.) in cleartext files that are world-readable. Any local user - or any process that can read the host filesystem - can retrieve all of these secrets in plain text, leading to credential theft and full compromise of the appliance. The vendor does not consider this to be a security vulnerability as this product "follows a shared responsibility model, where administrators are expected to configure persistent storage encryption."
Published 2025-10-02
- MediumCVSS 5.0 v3·EPSS 0.1%·Fix available
Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to gain unauthorized access with privileges of the compromised account.
Published 2025-09-10
- MediumCVSS 5.7 v3·EPSS 0.2%·No fix yet
A Plaintext Storage of a Password vulnerability in SUSE exposes the credentials for the HTTP proxy in the log files. This issue affects Container suse/manager/4.3/proxy-httpd:4.3.16.9.67.1: from ? before 4.3.33-150400.3.55.2; Container suse/manager/5.0/x86_64/proxy-httpd:5.0.5.7.23.1: from ? before 5.0.14-150600.4.17.1; Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1: from ? before 5.0.14-150600.4.17.1; Image SLES15-SP4-Manager-Proxy-4-3-BYOS: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS: from ? before 4.3.33-15
Published 2025-07-31
- MediumCVSS 6.5 v3·EPSS 0.2%·No fix yet
SoftPerfect Pty Ltd Connection Quality Monitor v1.1 was discovered to store all credentials in plaintext.
Published 2025-07-24
Uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog.