Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-522 (不充分的凭证保护机制) — Vulnerability Class 367

367 vulnerabilities classified as CWE-522 (不充分的凭证保护机制). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-25774 EV Energy ev.energy Insufficiently Protected Credentials — ev.energy 6.5 Medium2026-02-27
CVE-2026-27773 SWITCH EV swtchenergy.com Insufficiently Protected Credentials — swtchenergy.com 6.5 Medium2026-02-27
CVE-2026-22890 EV2GO ev2go.io Insufficiently Protected Credentials — ev2go.io 6.5 Medium2026-02-26
CVE-2026-20733 CloudCharge cloudcharge.se Insufficiently Protected Credentials — cloudcharge.se 6.5 Medium2026-02-26
CVE-2026-20791 Chargemap chargemap.com Insufficiently Protected Credentials — chargemap.com 6.5 Medium2026-02-26
CVE-2025-67860 NeuVector scanner insecurely handles passwords as command arguments — harvester 3.8 Low2026-02-25
CVE-2026-26049 Jinan USR IOT Technology Limited (PUSR) USR-W610 Insufficiently Protected Credentials — USR-W610 5.7 Medium2026-02-20
CVE-2026-27003 OpenClaw: Telegram bot token exposure via logs — openclaw 9.8 -2026-02-19
CVE-2026-0715 MOXA UC Series 安全漏洞 — UC-1200A Series 6.8AIMediumAI2026-02-05
CVE-2026-1966 YugabyteDB Anywhere Exposes LDAP Credentials in Cleartext in Web UI — YugabyteDB Anywhere 8.1AIHighAI2026-02-05
CVE-2020-37097 Edimax EW-7438RPn 1.13 - Information Disclosure (WiFi Password) — EW-7438RPn Mini 7.5 High2026-02-03
CVE-2025-52623 HCL AION is affected by an Autocomplete HTML Attribute Not Disabled for Password Field vulnerability — AION 3.7 Low2026-02-03
CVE-2026-24845 malcontent's OCI image scanning could expose registry credentials — malcontent 6.5 Medium2026-01-29
CVE-2020-36968 M/Monit 3.7.4 - Password Disclosure — M/Monit 6.5 Medium2026-01-28
CVE-2025-9521 Password Confirmation Bypass in Omada Controller — Omada Controller 7.5AIHighAI2026-01-26
CVE-2026-23958 DataEase Vulnerable to Brute-Force Attack on Admin JWT Secret Derived from Password that Enables Full Account Takeover — dataease 9.8AICriticalAI2026-01-22
CVE-2026-21852 Claude Code Leaks Data via Malicious Environment Configuration Before Trust Confirmation — claude-code 6.5AIMediumAI2026-01-21
CVE-2025-58742 Insufficient Configuration Protections Enable Database Credential Interception in Milner ImageDirector Capture — ImageDirector Capture 5.9AIMediumAI2026-01-20
CVE-2025-58741 Insecure Masked Credential Fields Enable Database Credential Access in Milner ImageDirector Capture — ImageDirector Capture 7.5AIHighAI2026-01-20
CVE-2026-1223 BROWAN COMMUNICATIONS |PrismX MX100 AP controller - Insufficiently Protected Credentials — PrismX MX100 AP controller 4.9 Medium2026-01-20
CVE-2021-47759 MTPutty 1.0.1.21 - SSH Password Disclosure — MTPutty 6.2 Medium2026-01-15
CVE-2025-69271 Spectrum basic authentication in use — DX NetOps Spectrum 8.1AIHighAI2026-01-12
CVE-2025-62327 HCL DevOps Deploy is susceptible to insufficiently protected credentials — DevOps Deploy 4.9 Medium2026-01-07
CVE-2025-64420 Coolify members can see private key of root user — coolify 10.0 Critical2026-01-05
CVE-2025-64122 Nuvation Energy Multi-Stack Controller Private Key Stored on Device — Multi-Stack Controller (MSC) 7.5 -2026-01-02
CVE-2021-47741 ZBL EPON ONU Broadband Router V100R001 Privilege Escalation via Configuration Endpoint — ZBL EPON ONU Broadband Router 7.5 High2025-12-31
CVE-2021-47726 NuCom 11N Wireless Router 5.07.90 Privilege Escalation via Configuration Backup — NuCom 11N Wireless Router 7.5 High2025-12-31
CVE-2025-66029 Open OnDemand affected by Apache proxy passing sensitive headers — ondemand 7.6 High2025-12-17
CVE-2025-14148 IBM DevOps Deploy is susceptible to a Insufficiently Protected Credentials vulnerability — UCD - IBM DevOps Deploy 6.5 Medium2025-12-15
CVE-2025-58130 Apache Fineract: Server Key not masked — Apache Fineract 9.1AICriticalAI2025-12-12

Vulnerabilities classified as CWE-522 (不充分的凭证保护机制) represent 367 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.