Hard-coded Credentials

Embedding credentials directly in code or binaries creates a persistent risk of unauthorized access when exposed.

#appsec#cwe

Last updated: 2025-09-02T00:00:00.000Z

Evidence

CWE CWE-798 Normative evidence
cwe.mitre.org

Mappings

CWE-798

More context

Externalize secrets, use secret stores, and rotate credentials to reduce exposure.