Weak Password Storage in Redeight CMS by Redeight
CVE-2026-53692

5.9MEDIUM

Key Information:

Vendor: Redeight
Status: Redeight Cms
Vendor: CVE Published:; 30 June 2026

What is CVE-2026-53692?

Redeight CMS version 1.0 employs the MD5 hashing algorithm without a salt for storing user passwords. As MD5 is cryptographically broken and lacks the additional security provided by salting, attackers who gain access to the password hashes can easily reverse them using techniques like rainbow table attacks, leading to potential exposure of user credentials.

Affected Version(s)

Redeight CMS 1.0

References

https://cert.pl/posts/2026/06/CVE-2026-53690

third-party-advisory

CVSS V4

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 30, 2026
Vulnerability Reserved
Jun 10, 2026

Credit

Jacek Czepil

CVE-2026-53692 Data

JSON