CVE-2026-25607
Description
Use of a weak password encoding algorithm in STER software allows the value of the password to be guessed after analyzing how passwords with known values are encoded. This issue was fixed in version 9.5.
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2026-25607? +
How do I check if I'm vulnerable to CVE-2026-25607? +
Related Vulnerabilities
The Campbell Scientific CSI Web Server stores web authentication credentials in a file with a specific file name. Passwords within …
The credentials required to access the device's web server are sent in base64 within the HTTP headers. Since base64 is …
Use of a custom password encoding algorithm in Streamsoft Prestiż software allows straightforward decoding of passwords using their encoded forms, …
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.6 and iPadOS 18.6. Passcode may …
An issue in secdiskapp 1.5.1 (management program for NewQ Fingerprint Encryption Super Speed Flash Disk) allows attackers to gain escalated …
Authenticator is a browser extension that generates two-step verification codes. In versions 7.0.0 and below, encryption keys for user data …