Sign In

CVE-2026-4404

ADVISORY - github

Summary

Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI.

EPSS Score: 0.00055 (0.173)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-1393

Use of Default Password

CWE-798

Use of Hard-coded Credentials

ADVISORY - github

CWE-1393

Use of Default Password

CWE-798

Use of Hard-coded Credentials

Impacted images

Advisories

NIST

CREATED

UPDATED

ADVISORY IDCVE-2026-4404
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-1393CWE-798

CVSS SCORE

9.4critical

GitHub

CREATED

UPDATED

ADVISORY IDGHSA-hj7x-hmf2-hc2p
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-1393CWE-798

CVSS SCORE

9.4critical

GoLang

CREATED

UPDATED

ADVISORY IDGO-2026-4845
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY