CWE•Base•Incomplete•20 recent CVEs
CWE-256: Plaintext Storage of a Password
Description
The product stores a password in plaintext within resources such as memory or files.
Common consequences
- Access Control → Gain Privileges or Assume Identity: Storing a plaintext password in a configuration file allows anyone who can read the file to access the password-protected resource. In some contexts, even storage of a plaintext password in memory is considered a security risk if the passwo
Potential mitigations
- Architecture and Design: Avoid storing passwords in easily accessible locations.
- Architecture and Design: Consider storing cryptographic hashes of passwords as an alternative to storing in plaintext.
- A programmer might attempt to remedy the password management problem by obscuring the password with an encoding function, such as Base64 encoding, but this effort does not adequately protect the password because the encoding can be detected and decoded easily.
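The difference between the last two mitigations, as an added example that is not part of the CWE entry: Base64 "obscuring" is reversed by anyone who can read the stored value, while a salted, slow one-way hash lets the product verify a password without keeping it. The choice of PBKDF2-HMAC-SHA256, the iteration count, the record layout and the sample password are assumptions made for this illustration.

```python
import base64
import hashlib
import hmac
import os

# Assumed parameters (not from the CWE entry): PBKDF2-HMAC-SHA256, 16-byte salt.
ALGO = "pbkdf2_sha256"
ITERATIONS = 600_000
SALT_LEN = 16


def obscure_base64(password: str) -> str:
    """The 'remedy' the entry warns about: an encoding, not protection."""
    return base64.b64encode(password.encode()).decode()


def recover_base64(stored: str) -> str:
    """Reading the stored value is enough to get the password back; no key exists."""
    return base64.b64decode(stored).decode()


def hash_password(password: str) -> str:
    """Build a record algo$iterations$salt$digest from a fresh random salt."""
    salt = os.urandom(SALT_LEN)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{ALGO}${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    try:
        algo, iters, salt_hex, digest_hex = stored.split("$")
        if algo != ALGO:
            return False
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)
        actual = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, int(iters))
    except ValueError:
        return False  # malformed record: fail closed
    return hmac.compare_digest(actual, expected)


if __name__ == "__main__":
    sample = "correct horse battery staple"  # constructed sample value
    print(recover_base64(obscure_base64(sample)) == sample)  # encoding is reversible
    record = hash_password(sample)
    print(record.split("$")[0], verify_password(sample, record))
```

Hashing fits only where the product verifies a password presented to it; a credential the product must itself present to another system cannot be hashed and needs protected storage instead.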
Related CWEs
Recent CVEs classified under this CWE
- CVE-2026-57302 (score 4.3, 2026-06-24)
- CVE-2026-50268 (score 1.9, 2026-06-17)
- CVE-2024-39575 (score 7.4, 2026-06-16)
- CVE-2024-45636 (score 4.1, 2026-06-11)
- CVE-2026-36174 (score 4.6, 2026-06-04)
- CVE-2018-25396 (score 7.5, 2026-05-29)
- CVE-2026-42151 (score 7.5, 2026-05-04)
- CVE-2026-6500 (2026-05-04)
- CVE-2025-36335 (score 6.2, 2026-04-30)
- CVE-2026-6597 (score 2.7, 2026-04-20)
- CVE-2025-15624 (score 7.5, 2026-04-17)
- CVE-2021-47961 (score 8.1, 2026-04-10)
- CVE-2026-35556 (2026-04-09)
- CVE-2026-33216 (score 8.6, 2026-03-25)
- CVE-2026-31850 (score 4.9, 2026-03-23)
- CVE-2026-4251 (score 2.5, 2026-03-16)
- CVE-2026-4250 (score 2.5, 2026-03-16)
- CVE-2026-4243 (score 2.5, 2026-03-16)
- CVE-2026-4242 (score 2.5, 2026-03-16)
- CVE-2026-4217 (score 2.5, 2026-03-16)