A local attacker could alter existing configurations and gain privileged access to the PcVue application due to a weak encryption algorithm used for user account configurations in PcVue projects prior to version 17.0.0. This issue arises from the insufficient strength of the encryption algorithm protecting user account configurations stored in the built-in user directory of PcVue projects. The vulnerabili [truncated]
CVE-2026-14867 is a vulnerability in PcVue projects where credentials of built-in users are stored insecurely in the User directory. This issue affects all versions prior to 17.0.0 and allows a local attacker to retrieve users' credentials. Active Directory accounts are not affected. The vulnerability has a CVSS score of 6.8 and a severity of MEDIUM. The CVE record was published on 2026-07-07T10:16:40.120 [truncated]