CWE-258

Empty Password in Configuration File

2 CVEs Avg CVSS 8.3 MITRE
1
CRITICAL
0
HIGH
1
MEDIUM
0
LOW
0
POC
0
KEV

Monthly

CVE-2025-9276 CRITICAL Act Now

Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Kubernetes Cockroach K8S Request Cert
NVD
CVSS 3.0
9.8
EPSS
0.6%
CVE-2025-4395 MEDIUM This Month

Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access modify system. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-9276
EPSS 1% CVSS 9.8
CRITICAL Act Now

Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Kubernetes Cockroach K8S Request Cert
NVD
CVE-2025-4395
EPSS 0% CVSS 6.8
MEDIUM This Month

Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access modify system. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy