Ctrl + K
/ news / CVE
CVEPublished 2026-05-06Modified 2026-05-070 articles on news6 live referencesNVD data

CVE-2026-8032

Vulnerability data via NVD (ingested)

CVSS v3.1
7.3
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS percentile
Weaknesses (CWE)
CWE-259Use of Hard-coded PasswordCWE-798Use of Hard-coded Credentials
Description

A flaw has been found in PicoTronica e-Clinic Healthcare System ECHS 5.7. The impacted element is an unknown function of the file /cdemos/echs/priv/echs.js. This manipulation of the argument ADMIN_KEY causes hard-coded credentials. The attack is possible to be carried out remotely. The exploit has been published and may be used. Upgrading to version 5.7.1 is sufficient to resolve this issue. The affected component should be upgraded. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

Timeline
Published 2026-05-06
Modified 2026-05-07

External references

NVDMITREExploit-DBSploitustrickest/cveVulnCheck

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

Shodan · vuln tag0 hosts
vuln:CVE-2026-8032
Hosts Shodan has explicitly fingerprinted as vulnerable.
More intel sources (5)
Shodan report
vuln:CVE-2026-8032
Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2026-8032
Censys host search filtered to this CVE id.
grep.app
CVE-2026-8032
Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2026-8032
GitHub code search for direct mentions.
Google dork
"CVE-2026-8032" exploit -site:nvd.nist.gov
Write-ups and news, NVD excluded.

Known PoCs on GitHub (4)

CVE-2026-80324 repos
maxgfr/awesome-starsunknown
List of repositories that I liked on Github
★ 22·updated today
jdrains110-beep/Triumph-Synergy-Digital-Financial-EcosystemTypeScript
Quantum Financial System (QFS) built on Pi Network - Quantum-resistant cryptography (Kyber/Dilithium), Supabase RLS + Realtime, Pi SDK 2.0 payments, Fast-Track KYC/KYB, PiRC Protoc…
★ 15·updated today
Steel-SecAdv-LLC/Mercury-AgentPython
Mercury Agent ♱ - Is a neuro-symbolic autonomous AI prototype, integrating machine learning-based anomaly detection, multi-domain operations, and ethical alignment protocols. Desig…
★ 4·updated today
Supermagnum/Galdralag-firmwareRust
A attempt at cryptographic framework for Baochip-1x .
★ 3·updated 5d ago
We haven't classified any articles referencing CVE-2026-8032 yet. The external references above still apply.