CWE-1391: Use of Weak Credentials
low-riskThe product uses weak credentials (such as a default key or hard-coded password) that can be calculated, derived, reused, or guessed by an attacker.
Abstraction: Class
Common Consequences
Access Control
→
Bypass Protection Mechanism
Real-World Examples (10)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2024-51978 | 9.8 | 48.3% | — |
| CVE-2025-53558 | 8.8 | 14.8% | — |
| CVE-2024-40892 | 7.1 | 7.1% | — |
| CVE-2024-45272 | 7.5 | 1.0% | — |
| CVE-2023-48257 | 7.8 | 0.6% | — |
| CVE-2025-67114 | 9.8 | 0.4% | — |
| CVE-2025-32471 | 3.7 | 0.3% | — |
| CVE-2024-12728 | 9.8 | 0.2% | — |
| CVE-2026-22886 | 9.8 | 0.2% | — |
| CVE-2024-7558 | 8.7 | 0.2% | — |
3
/ 100
low-risk
Active Threat
3/50 · Minimal
Exploit Availability
0/50 · Minimal