CRITICALVulnerability
Verified
Global

NVD CRITICAL: CVE-2026-8605 — In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could al...

·Source: NIST NVD

Updated:

Executive Summary

In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as admin.

Analysis

In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as admin. CVSS Score: 9.8. Published: 2026-05-19T18:16:32.193.

Indicators of Compromise (1)

CVE (1)
CVE-2026-8605
NVDMITRE CVE
Source Attribution

Originally published by NIST NVD on May 19, 2026. Verified by: NIST.

Related Threats

HIGHVulnerability

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild. The flaw, tracked as CVE-2026-48172 (CVSS score: 10.0), relates to an instance of incorrect privilege assignment that an attacker could abuse to run arbitrary scripts with elevated permissions. "Any cPanel user (including an attacker or a compromised account) may

CVE-2026-48172
The Hacker News
CRITICALVulnerability

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2026-9082 (CVSS score: 6.5), an SQL injection vulnerability affecting all supported versions of Drupal Core. "Drupal Core

CVE-2026-9082
The Hacker News
LOWVulnerability

CISA to allow researchers to report vulnerabilities to exploited bugs catalog

The Cybersecurity and Infrastructure Security Agency (CISA) announced the creation of a nomination form on Thursday that they said enables “researchers, vendors, and industry partners” to report bugs that need to be added to the Known Exploited Vulnerabilities catalog.

The Record