Threats Tagged 'cwe-326'
View all threats tagged with 'cwe-326'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cwe-326'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-10530: CWE-326 Inadequate Encryption Strength in Pie RegisterCVE-2026-10530 0 The Pie Register WordPress plugin before 3.8.4.10 does not use sufficiently random values when generating its account verification tokens, allowing unauthenticated attackers to predict a valid token and activate an account without access to the associated email inbox. Join the discussion | CVE Database V5 | 06/22/2026, 06:00:01 UTC Added: 06/22/2026, 06:09:14 UTC |
CVE-2026-41860: CWE-326: Inadequate Encryption Strength in Cloud Foundry Foundation BOSHCVE-2026-41860 0 CWE-326 in BOSH allows a local attacker to steal Basic-auth credentials or redirect UAA token requests via MITM. HttpRequestHelper#create_async_endpoint and #send_http_get_request_synchronous hard-code OpenSSL::SSL::VERIFY_NONE, enabling an attacker to intercept traffic between bosh-monitor and the BOSH director or UAA and steal credentials. Affected versions: - BOSH: all versions prior to v282.1.9 (inclusive); fixed in v282.1.9 or later Join the discussion | CVE Database V5 | 06/04/2026, 01:40:23 UTC Added: 06/04/2026, 02:33:35 UTC |
Showing 1 to 2 of 2 results