CVE-2026-4404

CVSS v3.1

9.4

Critical

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI.

Fix

Using Hardcoded Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-798CWE-1393

Related Identifiers

CVE-2026-4404

Affected Products

Harbor

CVE-2026-4404

Weakness Enumeration

Related Identifiers

Affected Products

References · 5