Known Vulnerabilities for Passport by Digi
Listed below are 3 of the newest known vulnerabilities associated with "Passport" by "Digi".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-56278 json | Flowise before 3.1.0 (affected versions 3.0.13 and earlier) uses a weak hardcoded default secret ('flowise') for the express-... | Not Provided | 2026-06-30 | 2026-07-01 |
| CVE-2026-56271 json | Flowise before 3.1.0 (affected versions 3.0.13 and earlier) uses weak hardcoded default JWT secrets ('auth_token', 'refresh_t... | Not Provided | 2026-07-12 | 2026-07-13 |
| CVE-2023-4299 json | Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connec... | 8.1 - HIGH | 2023-08-31 | 2023-09-06 |
| CVE-2022-26953 json | Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow. An attacker can supply a string in the page paramete... | 7.5 - HIGH | 2022-04-06 | 2022-04-12 |
| CVE-2022-26952 json | Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow in the function for building the Location header stri... | 7.5 - HIGH | 2022-04-06 | 2022-04-12 |