CVE-2025-60639
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk22th percentile - higher than 22% of all known CVEs
Summary
Hardcoded credentials were found in the ATLAS-EPIC source code in commit f29312c (2025-05-26). This means authentication data is directly embedded in the repository, readable by anyone with code access.
Risk Assessment
An attacker with access to the repository or compiled application can read these credentials and use them for unauthorized access to systems or data, potentially leading to confidentiality and integrity breaches.
Recommendation
Immediately remove hardcoded credentials from the source code, replace them with environment variables or a secure secrets manager, and rotate all compromised passwords and keys.
Original NVD description (English source)
Hardcoded credentials in gsigel14 ATLAS-EPIC commit f29312c (2025-05-26).

