CVE-2026-1836
Status: Deferred - Pending Action
Authentication Credentials Stored in Browser Cache

Publication date: 2026-06-12

Last updated on: 2026-06-12

Assigner: Spanish National Cybersecurity Institute, S.A. (INCIBE)

Description
The system stores the username and password from the login form after submitting the request. This could allow an attacker with access to the platform to return to the browser and view the login credentials.
Affected Vendors & Products (3 associated CPEs)

Vendor    Product    Version / Range
redmine   redmine    up to and including 6.0.7
redmine   redmine    up to and including 5.1.10
redmine   redmine    up to and including 5.0.14
CWE

CWE-257: The storage of passwords in a recoverable format makes them subject to password reuse attacks by malicious users. In fact, it should be noted that recoverable encrypted passwords provide no significant benefit over plaintext passwords since they are subject not only to reuse by malicious attackers but also by malicious insiders. If a system administrator can recover a password directly, or use a brute force search on the available information, the administrator can use the password on other accounts.
AI Quick Actions
Executive Summary

CVE-2026-1836 is a medium-severity vulnerability in Redmine, a project management web application. The system stores the username and password entered in the login form after submission in a way that allows an attacker with access to the platform to retrieve these credentials by revisiting the browser.

This vulnerability is classified as CWE-257, which means credentials are stored in a recoverable format, exposing sensitive information.

Impact Analysis

An attacker who gains access to the platform could view stored login credentials (username and password) by returning to the browser, potentially leading to unauthorized access to user accounts and sensitive information.

Detection Guidance

This vulnerability involves the system retaining the login credentials (username and password) submitted through the login form, so that they can be retrieved by revisiting the browser.

To detect this vulnerability on your system, check whether your Redmine installation stores login credentials in a recoverable format within the platform or the browser.

Because the weakness concerns credentials stored in the application rather than data in transit, detection focuses on inspecting Redmine application data and browser storage, not network traffic.

  • Review browser storage (localStorage, sessionStorage, cookies) for stored credentials related to Redmine.
  • Check Redmine application logs or database entries for any stored login credentials.
  • Verify the Redmine version (for example, from the application's administration interface) to confirm whether it is one of the affected versions.
Mitigation Strategies

The immediate mitigation step is to upgrade Redmine to a fixed version where this vulnerability has been addressed.

  • Upgrade Redmine to version 6.0.7, 5.1.10, or 5.0.14 or later.
  • Restrict access to the platform to trusted users only, minimizing the risk of an attacker accessing stored credentials.
  • Clear any stored credentials from browsers and application storage to prevent retrieval.
  • Review and enhance access controls and user permissions to limit exposure.
Compliance Impact

The vulnerability involves storing login credentials (username and password) in a recoverable format within the system, which could allow an attacker with platform access to retrieve these credentials.

Such exposure of sensitive authentication data can lead to non-compliance with common security and privacy standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive information to prevent unauthorized access.

Specifically, storing credentials in a recoverable format increases the risk of data breaches and unauthorized disclosure, which are violations of these regulations' requirements for data confidentiality and integrity.
