CVE-2026-6553: CWE-312 Cleartext storage of sensitive information in TYPO3 TYPO3 CMS
CVE-2026-6553 is a high-severity vulnerability in TYPO3 CMS version 14. 2. 0 where changing backend user passwords via the user settings module causes the cleartext password to be stored in the database fields uc and user_settings of the be_users table. This cleartext storage of sensitive information violates secure password handling practices and could expose passwords if the database is accessed by unauthorized parties. There is no vendor-provided patch or official remediation guidance available at this time. The vulnerability has not been reported as exploited in the wild.
AI Analysis
Technical Summary
TYPO3 CMS version 14.2.0 contains a vulnerability identified as CVE-2026-6553 (CWE-312) where backend user password changes through the user settings module result in storing the password in cleartext within the uc and user_settings fields of the be_users database table. This improper storage of sensitive credentials increases the risk of password disclosure if the database is compromised. The CVSS 4.0 base score is 7.3, reflecting high severity with network attack vector, low attack complexity, and partial user interaction required. No official patch or remediation level has been published by the vendor as of the data provided.
Potential Impact
The vulnerability allows cleartext passwords to be stored in the TYPO3 CMS database, which could lead to credential exposure if an attacker gains access to the database. This undermines password confidentiality and could facilitate unauthorized access to backend user accounts. There are no known exploits in the wild reported. The impact is significant due to the sensitive nature of password data, but exploitation requires access to the database or a vector to retrieve these fields.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, administrators should limit database access strictly and monitor for unauthorized access. Avoid using the affected TYPO3 CMS version 14.2.0 for sensitive environments or consider mitigating by not changing passwords via the user settings module if possible. Follow vendor updates closely for an official fix.
CVE-2026-6553: CWE-312 Cleartext storage of sensitive information in TYPO3 TYPO3 CMS
Description
CVE-2026-6553 is a high-severity vulnerability in TYPO3 CMS version 14. 2. 0 where changing backend user passwords via the user settings module causes the cleartext password to be stored in the database fields uc and user_settings of the be_users table. This cleartext storage of sensitive information violates secure password handling practices and could expose passwords if the database is accessed by unauthorized parties. There is no vendor-provided patch or official remediation guidance available at this time. The vulnerability has not been reported as exploited in the wild.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
TYPO3 CMS version 14.2.0 contains a vulnerability identified as CVE-2026-6553 (CWE-312) where backend user password changes through the user settings module result in storing the password in cleartext within the uc and user_settings fields of the be_users database table. This improper storage of sensitive credentials increases the risk of password disclosure if the database is compromised. The CVSS 4.0 base score is 7.3, reflecting high severity with network attack vector, low attack complexity, and partial user interaction required. No official patch or remediation level has been published by the vendor as of the data provided.
Potential Impact
The vulnerability allows cleartext passwords to be stored in the TYPO3 CMS database, which could lead to credential exposure if an attacker gains access to the database. This undermines password confidentiality and could facilitate unauthorized access to backend user accounts. There are no known exploits in the wild reported. The impact is significant due to the sensitive nature of password data, but exploitation requires access to the database or a vector to retrieve these fields.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, administrators should limit database access strictly and monitor for unauthorized access. Avoid using the affected TYPO3 CMS version 14.2.0 for sensitive environments or consider mitigating by not changing passwords via the user settings module if possible. Follow vendor updates closely for an official fix.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- TYPO3
- Date Reserved
- 2026-04-17T21:40:53.165Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69e74ecd19fe3cd2cdc4b53e
Added to database: 4/21/2026, 10:17:49 AM
Last enriched: 4/21/2026, 10:31:02 AM
Last updated: 4/21/2026, 1:05:56 PM
Views: 7
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.