Threats Tagged 'cwe-648'
View all threats tagged with 'cwe-648'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cwe-648'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2025-2311: CWE-648 Incorrect Use of Privileged APIs in Sechard Information Technologies SecHardCVE-2025-2311 0 Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in Sechard Information Technologies SecHard allows Authentication Bypass, Interface Manipulation, Authentication Abuse, Harvesting Information via API Event Monitoring. This issue affects SecHard: before 3.3.0.20220411. Join the discussion | CVE Database V5 | 03/20/2025, 11:55:51 UTC Added: 06/06/2026, 07:33:35 UTC |
CVE-2026-9560: CWE-78 in OpenVPN Inc OpenVPN ConnectCVE-2026-9560 0 CVE-2026-9560 is a critical privilege escalation vulnerability in OpenVPN Connect versions 3.5.1 through 3.8.1 on macOS. It allows an attacker with local access to execute arbitrary commands with elevated privileges via a local inter-process communication (IPC) channel in the background service. The vulnerability is related to improper handling of IPC leading to command injection. No official patch or remediation guidance has been provided yet, and no known exploits are reported in the wild. Join the discussion | CVE Database V5 | 05/26/2026, 17:39:57 UTC Added: 05/26/2026, 18:02:39 UTC |
Showing 1 to 2 of 2 results