CVE-2025-68421 – Hardcoded credentials in Comarch ERP Optima

CVE ID :CVE-2025-68421

Published : May 14, 2026, 10:35 a.m. | 23 minutes ago

Description :Comarch ERP Optima client makes use of a hard-coded password for a database user. These credentials cannot be changed. It is possible for a remote attacker to gain an access to the database with elevated privileges including executing system commands on a server.
This issue has been fixed in version 2026.4

Severity: 8.7 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-45205 – Apache Commons Configuration: StackOverflowError for YAML input with cycles

CVE-2025-68420 – Privilege Escalation in Comarch ERP Optima

CVE-2026-8468 – Unbounded buffer accumulation in multipart header parsing causes denial of service in plug

CVE-2026-8295 – Integer overflow in simdjson