Skip to main content

CWE-310

Cryptographic Issues

1970 CVEs Avg CVSS 5.4 MITRE
23
CRITICAL
80
HIGH
1777
MEDIUM
90
LOW
98
POC
0
KEV

Monthly

CVE-2026-49000 HIGH This Week

Information disclosure in ZTE ZXUniPOS NDS-LTE (V24.40.40 and earlier, and V24.30.40CP02 and earlier) stems from an insecure cryptographic password scheme - such as hard-coded keys, weak encryption algorithms, or poor key management - that lets remote, unauthenticated attackers recover or tamper with protected data. The CVSS vector (AV:N/AC:H/PR:N) indicates network reachability without credentials but with high attack complexity, and the primary impact is confidentiality loss (C:H) with minor integrity and availability effects. There is no public exploit identified at time of analysis, and EPSS is very low (0.02%, 7th percentile).

Information Disclosure Zxunipos Nds Lte
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-5682 LOW Monitor

Meesho Online Shopping App versions up to 27.3 on Android implement risky cryptographic algorithms in the /api/endpoint component (com.meesho.supply), enabling remote attackers to disclose sensitive information without authentication. The vulnerability has CVSS 6.3 severity with public exploit code availability, though exploitation requires high attack complexity. This impacts the confidentiality of user data processed through affected API endpoints.

Google Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.9
EPSS
0.0%
CVE-2025-15603 LOW Monitor

A security vulnerability has been detected in open-webu versions up to 0.6.16. is affected by cryptographic issues (CVSS 3.7).

Information Disclosure
NVD VulDB
CVSS 4.0
2.9
EPSS
0.0%
CVE-2026-2671 LOW Monitor

A vulnerability was detected in Mendi Neurofeedback Headset V4. Affected by this vulnerability is an unknown functionality of the component Bluetooth Low Energy Handler. [CVSS 3.1 LOW]

Information Disclosure
NVD VulDB
CVSS 4.0
2.3
EPSS
0.0%
CVE-2026-2966 LOW POC Monitor

A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the function mg_sendnsreq of the file /src/dns.c of the component DNS Transaction ID Handler. [CVSS 3.7 LOW]

Information Disclosure Mongoose
NVD GitHub VulDB
CVSS 4.0
2.9
EPSS
0.1%
CVE-2026-2618 LOW POC Monitor

A vulnerability was determined in Beetel 777VR1 up to 01.00.09. This impacts an unknown function of the component SSH Service. [CVSS 3.7 LOW]

Information Disclosure 777vr1 Firmware
NVD VulDB GitHub
CVSS 4.0
2.9
EPSS
0.0%
CVE-2025-21482 HIGH This Month

Cryptographic issue while performing RSA PKCS padding decoding. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +283
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2017-20200 LOW Monitor

A vulnerability has been found in Coinomi up to 1.7.6. Rated low severity (CVSS 2.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure
NVD VulDB GitHub
CVSS 4.0
2.9
EPSS
0.0%
CVE-2025-10776 LOW Monitor

A vulnerability was detected in LionCoders SalePro POS up to 5.5.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.9
EPSS
0.0%
CVE-2025-10671 LOW Monitor

A vulnerability has been found in youth-is-as-pale-as-poetry e-learning 1.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Java
NVD GitHub VulDB
CVSS 4.0
2.9
EPSS
0.0%
EPSS 0% CVSS 7.0
HIGH This Week

Information disclosure in ZTE ZXUniPOS NDS-LTE (V24.40.40 and earlier, and V24.30.40CP02 and earlier) stems from an insecure cryptographic password scheme - such as hard-coded keys, weak encryption algorithms, or poor key management - that lets remote, unauthenticated attackers recover or tamper with protected data. The CVSS vector (AV:N/AC:H/PR:N) indicates network reachability without credentials but with high attack complexity, and the primary impact is confidentiality loss (C:H) with minor integrity and availability effects. There is no public exploit identified at time of analysis, and EPSS is very low (0.02%, 7th percentile).

Information Disclosure Zxunipos Nds Lte
NVD
EPSS 0% CVSS 2.9
LOW Monitor

Meesho Online Shopping App versions up to 27.3 on Android implement risky cryptographic algorithms in the /api/endpoint component (com.meesho.supply), enabling remote attackers to disclose sensitive information without authentication. The vulnerability has CVSS 6.3 severity with public exploit code availability, though exploitation requires high attack complexity. This impacts the confidentiality of user data processed through affected API endpoints.

Google Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 2.9
LOW Monitor

A security vulnerability has been detected in open-webu versions up to 0.6.16. is affected by cryptographic issues (CVSS 3.7).

Information Disclosure
NVD VulDB
EPSS 0% CVSS 2.3
LOW Monitor

A vulnerability was detected in Mendi Neurofeedback Headset V4. Affected by this vulnerability is an unknown functionality of the component Bluetooth Low Energy Handler. [CVSS 3.1 LOW]

Information Disclosure
NVD VulDB
EPSS 0% CVSS 2.9
LOW POC Monitor

A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the function mg_sendnsreq of the file /src/dns.c of the component DNS Transaction ID Handler. [CVSS 3.7 LOW]

Information Disclosure Mongoose
NVD GitHub VulDB
EPSS 0% CVSS 2.9
LOW POC Monitor

A vulnerability was determined in Beetel 777VR1 up to 01.00.09. This impacts an unknown function of the component SSH Service. [CVSS 3.7 LOW]

Information Disclosure 777vr1 Firmware
NVD VulDB GitHub
EPSS 0% CVSS 7.1
HIGH This Month

Cryptographic issue while performing RSA PKCS padding decoding. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +285
NVD
EPSS 0% CVSS 2.9
LOW Monitor

A vulnerability has been found in Coinomi up to 1.7.6. Rated low severity (CVSS 2.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure
NVD VulDB GitHub
EPSS 0% CVSS 2.9
LOW Monitor

A vulnerability was detected in LionCoders SalePro POS up to 5.5.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 2.9
LOW Monitor

A vulnerability has been found in youth-is-as-pale-as-poetry e-learning 1.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Java
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy