CVE-2026-5189
published 2026-04-15
CVE-2026-5189: CWE-798: Use of Hard-coded Credentials in Sonatype Nexus Repository Manager versions 3.0.0 through 3.70.5 allows an unauthenticated attacker with network…
Priority P2 · 70 · critical · 9.2 (CVSS 4.0)
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS: 0.46% (36.6th percentile)
CWE-798: Use of Hard-coded Credentials in Sonatype Nexus Repository Manager versions 3.0.0 through 3.70.5 allows an unauthenticated attacker with network access to gain unauthorized read/write access to the internal database and execute arbitrary OS commands as the Nexus process user. Exploitation requires the non-default nexus.orient.binaryListenerEnabled=true configuration to be enabled.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sonatype | nexus_repository | >= 3.0.0 < 3.71.0 | 3.71.0 |
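The description above gives two preconditions that can both be checked on the host itself: the installed version must be 3.0.0 through 3.70.5, and the non-default `nexus.orient.binaryListenerEnabled=true` setting must be present. The audit helper below is an added example, not code from this page or from Sonatype. It assumes the setting is read from the instance's `nexus.properties` file (in Nexus 3 that file normally sits under the data directory's `etc/` folder, stated here as an assumption) and that version strings look like `3.70.5-01`; the sample properties text is constructed for the example and is not taken from any real host.

```python
"""Added audit helper for CVE-2026-5189 (not Sonatype code).

Flags a Nexus Repository 3.x install that is both in the affected version
range (3.0.0 through 3.70.5) and has the non-default OrientDB binary
listener switched on via nexus.orient.binaryListenerEnabled=true.
"""
import re
from typing import Dict, Tuple

FIRST_AFFECTED = (3, 0, 0)
FIXED_VERSION = (3, 71, 0)           # first fixed release per the advisory
LISTENER_KEY = "nexus.orient.binaryListenerEnabled"

# Constructed sample of a nexus.properties file (assumed layout, not copied
# from a real host). Note the whitespace around '=' and the listener line.
SAMPLE_PROPS = """\
# Jetty section
application-port=8081
application-host=0.0.0.0

# Nexus section
nexus-context-path=/
nexus.orient.binaryListenerEnabled = true
"""


def parse_properties(text: str) -> Dict[str, str]:
    """Minimal Java .properties reader: skips blank and #/! comment lines,
    accepts '=' or ':' as separator and trims whitespace on both sides."""
    props: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        m = re.match(r"([^=:\s]+)\s*[=:]?\s*(.*)$", line)
        if m:
            props[m.group(1)] = m.group(2).strip()
    return props


def parse_version(version: str) -> Tuple[int, ...]:
    """'3.70.5-01' -> (3, 70, 5). The -NN build suffix is ignored for the range check."""
    core = version.split("-")[0]
    return tuple(int(part) for part in core.split("."))


def version_in_affected_range(version: str) -> bool:
    """True for 3.0.0 <= version < 3.71.0 (the advisory covers the 3.x line only)."""
    return FIRST_AFFECTED <= parse_version(version) < FIXED_VERSION


def listener_enabled(props: Dict[str, str]) -> bool:
    """The listener is off unless the key is explicitly 'true' (case-insensitive)."""
    return props.get(LISTENER_KEY, "false").strip().lower() == "true"


def assess(version: str, properties_text: str) -> Dict[str, object]:
    """Combine both preconditions from the advisory into one verdict."""
    affected = version_in_affected_range(version)
    enabled = listener_enabled(parse_properties(properties_text))
    exposed = affected and enabled
    if exposed:
        advice = f"upgrade to 3.71.0 or later; until then set {LISTENER_KEY}=false and restart"
    elif affected:
        advice = "listener disabled (default), but still upgrade to 3.71.0 or later"
    else:
        advice = "version not in affected range"
    return {"affected_version": affected, "listener_enabled": enabled,
            "exposed": exposed, "advice": advice}


def harden_properties(text: str) -> str:
    """Return the properties text with the binary listener explicitly disabled,
    rewriting an existing line or appending one if the key is absent."""
    pattern = re.compile(rf"^\s*{re.escape(LISTENER_KEY)}\s*[=:].*$", re.MULTILINE)
    replacement = f"{LISTENER_KEY}=false"
    if pattern.search(text):
        return pattern.sub(replacement, text)
    return text.rstrip("\n") + "\n" + replacement + "\n"


if __name__ == "__main__":
    for ver in ("3.70.5-01", "3.71.0-01"):
        print(ver, assess(ver, SAMPLE_PROPS))
    print(harden_properties(SAMPLE_PROPS))
```

Against a real install, pass the running version and the contents of the instance's `nexus.properties` to `assess()`; a host that reports `exposed` needs the 3.71.0 upgrade, and `harden_properties()` gives the interim configuration with the listener turned back off. Because the root cause is hard-coded credentials rather than the listener setting itself, disabling the listener only removes the network path the advisory describes; the upgrade is the fix. If your deployment sets Nexus properties through JVM `-D` flags instead of the file, feed those key/value pairs to the same parser.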
VulDB
Sonatype Nexus Repository Manager up to 3.70.5 Configuration hard-coded credentials
vuldb · 2026-04-16 · CVSS 9.2 · CRITICAL
A vulnerability, which was classified as critical, was found in Sonatype Nexus Repository Manager up to 3.70.5. The affected element is an unknown function of the component Configuration Handler. Executing a manipulation can lead to hard-coded credentials.
The identification of this vulnerability is CVE-2026-5189. The attack may be launched remotely. There is no exploit available.
You should upgrade the affected component.
GHSA
GHSA-4gcp-x7jh-x4v7: CWE-798: Use of Hard-coded Credentials in Sonatype Nexus Repository Manager versions 3
ghsa_unreviewed · 2026-04-15 · CRITICAL · CWE-798
CWE-798: Use of Hard-coded Credentials in Sonatype Nexus Repository Manager versions 3.0.0 through 3.70.5 allows an unauthenticated attacker with network access to gain unauthorized read/write access to the internal database and execute arbitrary OS commands as the Nexus process user. Exploitation requires the non-default nexus.orient.binaryListenerEnabled=true configuration to be enabled.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2026-04-15