Vulnerability in Harbor
CVE-2026-4404
Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use the default password and gain access to the web UI.
EPSS: 0.001 (19.7th percentile) — read the EPSS interpretation.
Affected products
- Harbor — versions 0.1.0