CVE-2025-59388CRITICAL 9.8EPSS p37.2%

CVE-2025-59388CVE-2025-59388

Description

A use of hard-coded password vulnerability has been reported to affect Hyper Data Protector. The remote attackers can then exploit the vulnerability to gain unauthorized access. We have already fixed the vulnerability in the following version: Hyper Data Protector 2.3.1.455 and later

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.47% probability of exploitation · percentile 37.2% · 2026-06-18T12:00:27Z
Published2026-03-12
Last modified2026-03-16

Underlying weaknesses· 1

CWE-259

References

  1. https://www.qnap.com/en/security-advisory/qsa-25-48

1

TypeTargetConfidenceTier
WeaknessUse of Hard-coded Passwordcwe-2590%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-59389
CVE
CVE-2025-37093
CVE
CVE-2025-1393
CVE
CVE-2025-30412
CVE
CVE-2025-52159
CVE
CVE-2025-30411
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.