Home/CWE/Use of Hard-coded Cryptographic Key
Weakness

Use of Hard-coded Cryptographic Key

CWE-321 · Variant · Draft

The product uses a hard-coded, unchangeable cryptographic key.

Weakness Relationships

Where this weakness sits in the CWE hierarchy. Walk up to broader classes or down to more specific variants.
Parent of this (broader)
ChildOfCWE-798 · Use of Hard-coded Credentials

CVEs With This Weakness

284
A sample of the 284 CVEs tagged with this weakness.
CVECVE-2026-8739
CVECVE-2026-8243
CVECVE-2026-7306
CVECVE-2026-7018
CVECVE-2026-6787
CVECVE-2026-6611
CVECVE-2026-6580
CVECVE-2026-5622
CVECVE-2026-5549
CVECVE-2026-5527
CVECVE-2026-5471
CVECVE-2026-5462

Nuclei Scanner Templates

4
Open-source Nuclei templates that detect this weakness class - an actionable scan-for-it pivot. Licensed under the ProjectDiscovery / Nuclei terms.
criticalFUXA <= 1.2.7 - Hardcoded JWT Secret Authentication Bypass
criticalGladinet CentreStack & Triofox - Hardcoded Credentials
criticalDragonfly2 < 2.1.0-beta.1 - Hardcoded JWT Secret
highNetmaker - Hardcoded DNS Secret Key
External lookups - second-class, for what we don’t hold ourselves
MITRE CWE
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin