CVE-2026-54445 – Vantage6: Set admin user and password from environment or configuration

CVE ID :CVE-2026-54445

Published : June 17, 2026, 10:14 p.m. | 1 hour, 27 minutes ago

Description :vantage6 is an open-source infrastructure for privacy preserving analysis. Versions prior to 5.0.0 provide an initial user with username `root` and password `root`. This is not ideal because attackers know that almost all vantage6 servers have a user with username `root` that probably has admin rights, and the initial password is very weak and it is possible that administrators forget to reset it. Version 5.0.0 fixes the issue. As a workaround, it is possible to delete the `root` user after it has been used to create other users.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…