CVE-2023-0567
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes a
CVSS
7.7
Alto
EPSS
0.9%
p57
KEV
—
Exploit Today
17
0-100
Publicado: 1 mar 2023 · Última mod.: 15 jul 2026 · CWE-916
0.9%EPSS · 30 días0.9%
2026-06-302026-07-16
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid.
- bugs.php.nethttps://bugs.php.net/bug.php?id=81744
- github.comhttps://github.com/php/php-src/security/advisories/GHSA-7fj2-8x79-rjf4
- bugs.php.nethttps://bugs.php.net/bug.php?id=81744
- github.comhttps://github.com/php/php-src/security/advisories/GHSA-7fj2-8x79-rjf4
- security.netapp.comhttps://security.netapp.com/advisory/ntap-20230331-0008/
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2022-233485.3 MED85.4%
——26BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes.8dCVE-2020-288737.5 ALT54.1%
——16Fluxbb 1.5.11 is affected by a denial of service (DoS) vulnerability by sending an extremely long password via the user login form. When a long password is sent, the password hashing process will result in CPU and memory exhaustion on the server.8dCVE-2026-258615.9 MED7.5%
——2QloApps through 1.7.0, fixed in commit 64e9722, contains a weak cryptographic algorithm vulnerability that allows attackers to compromise user credentials by exploiting the use of MD5 for password hashing in the Tools::encrypt() function within classes/Tools.php, which concatenates a static cookie key with the supplied password. Attackers can perform offline brute-force attacks against the MD5 hashes, with the risk compounded by auto-generated 8-character passwords assigned during guest-to-customer account conversion in classes/Customer.php, making credential recovery trivial.3dCVE-2026-550698.7 ALT5.4%
——2Kestra is an open-source, event-driven orchestration platform. Prior to 1.3.24, this vulnerability exists in the BasicAuth authentication component of the Kestra OSS workflow orchestration platform. An attacker who gains read access to the PostgreSQL database can exploit SHA-512's high computation speed to recover the administrator password offline. In Kubernetes deployments, a successful crack further enables reading of the cluster ServiceAccount Token and all K8s Secrets, achieving vertical privilege escalation. This vulnerability is fixed in 1.3.24.16dCVE-2026-5040—0.7%
——0TP-Link Deco M5 v1 uses a weak password hashing mechanism to store user credentials. An attacker who obtains the password hash through system compromise or privileged access could perform brute-force or dictionary attacks.
Successful exploitation may result in disclosure of authentication credentials, enabling unauthorized access to device management functions, depending on the privileges associated with the recovered password. The primary security impact is loss of confidentiality.1d