Skip to main content

Pdbm

1 CVEs product

Monthly

CVE-2026-25600 MEDIUM PATCH This Month

Hard-coded cryptographic secret in PDBM.exe (by Trac d.o.o.) enables authenticated local attackers to decrypt administrative credentials stored in the product's configuration file. The static secret, constant across all PDBM installations, is embedded directly in the application binary and is used as the key for the credential encryption routine. Because the affected version configures the stored account with full administrative privileges, a successful extraction yields unrestricted access to PDBM's management interface and all underlying operational functions. No public exploit identified at time of analysis, and this CVE is not listed in the CISA KEV catalog.

Authentication Bypass Pdbm
NVD
CVSS 3.1
6.4
EPSS
0.0%
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

Hard-coded cryptographic secret in PDBM.exe (by Trac d.o.o.) enables authenticated local attackers to decrypt administrative credentials stored in the product's configuration file. The static secret, constant across all PDBM installations, is embedded directly in the application binary and is used as the key for the credential encryption routine. Because the affected version configures the stored account with full administrative privileges, a successful extraction yields unrestricted access to PDBM's management interface and all underlying operational functions. No public exploit identified at time of analysis, and this CVE is not listed in the CISA KEV catalog.

Authentication Bypass Pdbm
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy