{"@context":"https://openvex.dev/ns/v0.2.0","@id":"https://database.harborguard.co/cve/CVE-2026-50110/vex.json","author":"HarborGuard Database","role":"Document Creator","timestamp":"2026-06-30T22:54:42.362Z","version":1,"tooling":"HarborGuard Database (https://database.harborguard.co)","statements":[{"vulnerability":{"name":"CVE-2026-50110","@id":"https://www.cve.org/CVERecord?id=CVE-2026-50110","description":"Storage Concentrator (SC & SCVM) contains hardcoded credentials for numerous internal services embedded within a configuration file. While the credentials are stored in an encoded format, the encoding can be reversed to plaintext. The exposed credentials span a broad range of internal services, including database accounts, licensing, replication services, and third-party integrations, meaning successful exploitation of this vulnerability could provide an attacker with unauthorized access to mult"},"products":[{"@id":"cpe:2.3:a:stonefly:storage_concentrator:*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:stonefly:storage_concentrator:*:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:stonefly:storage_concentrator_virtual_machine:*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:stonefly:storage_concentrator_virtual_machine:*:*:*:*:*:*:*:*"}}],"status":"affected","action_statement":"Update to a fixed version: 8.0.4.26, 8.0.4.29.","timestamp":"2026-06-30T22:54:42.362Z"}]}