CVE-2026-49000
7.0 HIGHAn insecure password scheme refers to vulnerabilities arising from improper selection of encryption algorithms, inadequate key management...
Published: 2026-05-27 · Last updated: 2026-05-27
Severity and scoring
- CVSS
- 7.0 HIGH
- Vector
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L
- CWE
- CWE-310
Description
An insecure password scheme refers to vulnerabilities arising from improper selection of encryption algorithms, inadequate key management, or flawed code implementation, which may lead to data leakage or tampering, such as hard-coded keys or the use of weak encryption algorithms.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2017-14852 — An insecure communication was found between a user and the Orpak SiteOmat management console for all known versions, due to an invalid SS... (8.6 HIGH)
- CVE-2019-6576 — A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor P... (6.5 MEDIUM)
- CVE-2015-4000 — The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DH... (3.7 LOW)
- CVE-2014-3566 — The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for ... (3.4 LOW)
- CVE-2004-2761 — The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing at... (9.8 CRITICAL)