CVE-2026-35075
An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affecte
CVSS
9.8
Critical
EPSS
0.5%
p37
KEV
—
Exploit Today
11
0-100
Published: Jun 3, 2026 · Last modified: Jul 3, 2026 · CWE-1393
0.5%EPSS · 30 days0.5%
2026-06-302026-07-17
An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices.
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-26357.3 HIG57.9%
——17MLflow Use of Default Password Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the basic_auth.ini file. The file contains hard-coded default credentials. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of the administrator. Was ZDI-CAN-28256.4dCVE-2026-337849.8 CRI36.8%
——11A Use of Default Password vulnerability in the Juniper Networks
Support Insights (JSI)
Virtual Lightweight Collector (vLWC) allows an unauthenticated, network-based attacker to take full control of the device.
vLWC software images ship with an initial password for a high privileged account. A change of this password is not enforced during the provisioning of the software, which can make full access to the system by unauthorized actors possible.This issue affects all versions of vLWC before 3.0.94.10dCVE-2026-52699.8 CRI19.3%
——6In Ciena's Navigator Network Control Suite (NCS) and Manage Control Plan (MCP), there are hidden system accounts used for internal software operations. Some of these accounts have default passwords that may be predictable. While these accounts have very limited permissions on their own, an attacker could combine an attack using one of these accounts with other potential weaknesses to launch a more significant attack, possibly leading to escalation of privilege on the system.3d