Vulnerability in Centralny Instytut Ochrony Pracy - Państwowy Badawczy Ster

CVE-2026-25607

Use of a weak password encoding algorithm in STER software allows the value of the password to be guessed after analyzing how passwords with known values are encoded. This issue was fixed in version 9.5.

EPSS: 0.000 (3.0th percentile) — read the EPSS interpretation.

Affected products

Centralny Instytut Ochrony Pracy - Państwowy Badawczy Ster — versions 0

Weakness classification (CWE)

CWE-261 — Weak Encoding for Password

References

cvd@cert.pl (third-party-advisory)
cvd@cert.pl (product)