CWE • Class • Incomplete • 9 recent CVEs
CWE-1391: Use of Weak Credentials
Description
The product uses weak credentials (such as a default key or hard-coded password) that can be calculated, derived, reused, or guessed by an attacker.
Common consequences
- Access Control → Bypass Protection Mechanism: An adversary could bypass intended authentication restrictions.
Potential mitigations
- Architecture and Design, Operation: When the user changes or sets a password, check the password against a database of already compromised or breached passwords. These passwords are likely to be used in password guessing attacks.
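
One way to implement the breached-password check described in the mitigation above, as an added example that is not part of the CWE entry. It assumes an offline corpus stored as `SHA1HEX:COUNT` lines; the corpus contents, function names and sample passwords are constructed for illustration.

```python
import hashlib
import unicodedata


def _sha1(password: str) -> str:
    # SHA-1 is only the lookup key matching the assumed corpus layout;
    # it is not how an accepted password should be stored.
    text = unicodedata.normalize("NFKC", password)
    return hashlib.sha1(text.encode("utf-8")).hexdigest().upper()


# Constructed sample, not real breach data: one "SHA1HEX:COUNT" entry per line.
SAMPLE_CORPUS = "\n".join(
    f"{_sha1(pw)}:{n}"
    for pw, n in [("password", 9000), ("123456", 12000),
                  ("admin", 700), ("Summer2024!", 4)]
)


def load_corpus(text: str) -> dict:
    """Parse 'HASH:COUNT' lines, skipping blank and malformed entries."""
    index = {}
    for line in text.splitlines():
        digest, sep, count = line.strip().partition(":")
        if sep and len(digest) == 40 and count.isdigit():
            index[digest.upper()] = int(count)
    return index


def breach_count(password: str, index: dict) -> int:
    """Number of times the password appears in the corpus (0 if absent)."""
    return index.get(_sha1(password), 0)


def check_new_password(password: str, index: dict) -> tuple:
    """Return (accepted, reason) for a password being set or changed."""
    seen = breach_count(password, index)
    if seen > 0:
        return False, f"password appears in breached corpus ({seen} times)"
    return True, "ok"


INDEX = load_corpus(SAMPLE_CORPUS)
```

Normalizing with NFKC before hashing means look-alike Unicode forms of a breached password (for example full-width letters) are rejected as well.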