CVE-2026-4404

Summary

Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI.

Affected Software

VendorProductVersion RangeStatus
HarborHarbor0.1.0 <= 2.15.0affected

Weaknesses

  • CWE-798 Use of Hard-coded Credentials

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

CVE Program Container

Additional References

References