RubySec
added 2026/04/08 12:00 a.m., 4 views

Rack::Session::Cookie secrets: decrypt failure fallback enables secretless session forgery and Marshal deserialization

Rack::Session::Cookie incorrectly handles decryption failures when configured with secrets:. If cookie decryption fails, the implementation falls back to a default decoder instead of rejecting the cookie. This allows an unauthenticated attacker to supply a crafted session cookie that is accepted...

CVSS 9.8 | AI score 5.8 | EPSS 0.00064
Exploits: 1 | References: 1 | Affected software: 1
NVD
added 2026/04/07 6:16 p.m., 2 views

CVE-2026-39324

Rack::Session is a session management implementation for Rack. From 2.0.0 to before 2.1.2, Rack::Session::Cookie incorrectly handles decryption failures when configured with secrets:. If cookie decryption fails, the implementation falls back to a default decoder instead of rejecting the cookie...

CVSS 9.8 | EPSS 0.00064
Exploits: 1 | References: 1
OSV
added 2026/04/07 6:16 p.m., 2 views

UBUNTU-CVE-2026-39324

Rack::Session is a session management implementation for Rack. From 2.0.0 to before 2.1.2, Rack::Session::Cookie incorrectly handles decryption failures when configured with secrets:. If cookie decryption fails, the implementation falls back to a default decoder instead of rejecting the cookie...

CVSS 9.8 | AI score 5.8 | EPSS 0.00064
Exploits: 1 | References: 5
UbuntuCve
added 2026/04/07 6:16 p.m., 1 view

CVE-2026-39324

Rack::Session is a session management implementation for Rack. From 2.0.0 to before 2.1.2, Rack::Session::Cookie incorrectly handles decryption failures when configured with secrets:. If cookie decryption fails, the implementation falls back to a default decoder instead of rejecting the cookie...

CVSS 9.8 | AI score 5.9 | EPSS 0.00064
Exploits: 1 | References: 4
CVE
added 2026/04/07 6:13 p.m., 17 views

CVE-2026-39324

CVE-2026-39324 affects Rack::Session::Cookie. From 2.0.0 up to 2.1.1, decryption failures under secrets: allow cookies to be decoded by a default coder instead of being rejected, enabling an unauthenticated attacker to forge session data and potentially gain unauthorized access. Affected componen...

CVSS 9.8 | AI score 5.9 | EPSS 0.00064
Exploits: 1 | References: 1 | Affected software: 1
Cvelist
added 2026/04/07 6:13 p.m., 17 views

CVE-2026-39324 Rack::Session::Cookie secrets: decrypt failure fallback enables secretless session forgery and Marshal deserialization

Rack::Session is a session management implementation for Rack. From 2.0.0 to before 2.1.2, Rack::Session::Cookie incorrectly handles decryption failures when configured with secrets:. If cookie decryption fails, the implementation falls back to a default decoder instead of rejecting the cookie...

CVSS 9.3 | EPSS 0.00064
Exploits: 1 | References: 1
Vulnrichment
added 2026/04/07 6:13 p.m., 2 views

CVE-2026-39324 Rack::Session::Cookie secrets: decrypt failure fallback enables secretless session forgery and Marshal deserialization

Rack::Session is a session management implementation for Rack. From 2.0.0 to before 2.1.2, Rack::Session::Cookie incorrectly handles decryption failures when configured with secrets:. If cookie decryption fails, the implementation falls back to a default decoder instead of rejecting the cookie...

CVSS 9.3 | AI score 5.9 | EPSS 0.00064
Exploits: 1 | References: 1
ATTACKERKB
added 2026/04/07 5:37 p.m., 0 views

CVE-2026-39332

ChurchCRM is an open-source church management system. Prior to 7.1.0, a reflected Cross-Site Scripting (XSS) vulnerability in GeoPage.php allows any authenticated user to inject arbitrary JavaScript into the browser of another authenticated user. Because the payload fires automatically via autofocu...

CVSS 8.7 | AI score 6 | EPSS 0.00038
Exploits: 0 | References: 2 | Affected software: 1
Positive Technologies
added 2026/04/07 12:00 a.m., 3 views

PT-2026-30806

Name of the Vulnerable Software and Affected Versions: Rack::Session versions 2.0.0 through 2.1.1. Description: Rack::Session is a session management implementation for Rack. Versions 2.0.0 through 2.1.1 incorrectly handle decryption failures when configured with secrets. If cookie decryption fails,...

CVSS 9.8 | AI score 5.9 | EPSS 0.00064
Exploits: 1 | References: 22
Tenable Nessus
added 2026/04/07 12:00 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-39324

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rack::Session is a session management implementation for Rack. From 2.0.0 to before 2.1.2, Rack::Session::Cookie incorrectly handles decryption failures when...

CVSS 9.8 | AI score 5.8 | EPSS 0.00064
Exploits: 1 | References: 2
Snyk
added 2026/04/04 6:43 a.m., 2 views

Incorrect Authorization

Overview: pyload-ng is the free and open-source Download Manager written in pure Python. Affected versions of this package are vulnerable to Incorrect Authorization via the storagefolder configuration option, which allows a user with SETTINGS and ADD permissions to redirect downloads to the Flask...

CVSS 8.8 | AI score 6.3 | EPSS 0.00113
Exploits: 2 | References: 3
Positive Technologies
added 2026/04/04 12:00 a.m., 3 views

PT-2026-30341

Name of the Vulnerable Software and Affected Versions: pyLoad, affected versions not specified. Description: pyLoad, a Python-based download manager, has a flaw where a user with SETTINGS and ADD permissions can redirect downloads to the Flask filesystem session store. This allows planting a maliciou...

CVSS 8.8 | AI score 6.5 | EPSS 0.00113
Exploits: 2 | References: 14
EUVD
added 2026/04/03 3:47 p.m., 1 view

EUVD-2026-18797

Budibase is an open-source low-code platform. Prior to version 3.32.5, Budibase's Builder Command Palette renders entity names (tables, views, queries, automations) using Svelte's @html directive without any sanitization. An authenticated user with Builder access can create a table, automation, vie...

CVSS 8.7 | AI score 5.8 | EPSS 0.00012
Exploits: 1 | References: 4
ATTACKERKB
added 2026/04/03 3:47 p.m., 0 views

CVE-2026-35218

Budibase is an open-source low-code platform. Prior to version 3.32.5, Budibase's Builder Command Palette renders entity names (tables, views, queries, automations) using Svelte's @html directive without any sanitization. An authenticated user with Builder access can create a table, automation, vie...

CVSS 8.7 | AI score 5.8 | EPSS 0.00012
Exploits: 1 | References: 5 | Affected software: 1
Vulnrichment
added 2026/04/03 3:47 p.m., 2 views

CVE-2026-35218 Budibase: Stored XSS via unsanitized entity names rendered with {@html} in Builder Command Palette

Budibase is an open-source low-code platform. Prior to version 3.32.5, Budibase's Builder Command Palette renders entity names (tables, views, queries, automations) using Svelte's @html directive without any sanitization. An authenticated user with Builder access can create a table, automation, vie...

CVSS 8.7 | AI score 5.8 | EPSS 0.00012
Exploits: 1 | References: 4
Github Security Blog
added 2026/04/03 3:29 a.m., 6 views

Better Auth Has Two-Factor Authentication Bypass via Premature Session Caching (session.cookieCache)

Summary: Under certain configurations, sessions may be considered valid before two-factor authentication (2FA) is fully completed. This can allow access to authenticated routes without verifying the second factor. Description: When two-factor authentication is enabled, the authentication flow...

AI score 5.9
Exploits: 0 | References: 2 | Affected software: 1
Snyk
added 2026/04/03 3:29 a.m., 1 view

Authentication Bypass Using an Alternate Path or Channel

Overview: better-auth is the most comprehensive authentication library for TypeScript. Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel in the session.cookieCache component. An attacker can gain unauthorized access to protected...

CVSS 9.1 | AI score 5.9
Exploits: 0 | References: 2
CNNVD
added 2026/04/02 12:00 a.m., 1 view

Bulwark Webmail authorization vulnerability

Bulwark Webmail is an open-source hosted webmail client developed by Bulwark Mail. Versions of Bulwark Webmail prior to 1.4.10 had an authorization vulnerability. This vulnerability stemmed from a logical issue in the verifyIdentity function, which returned true when no session cookie was present...

CVSS 8.7 | AI score 5.8 | EPSS 0.00129
Exploits: 0 | References: 2
Snyk
added 2026/04/01 11:48 p.m., 1 view

Insufficient Session Expiration

Overview: Affected versions of this package are vulnerable to Insufficient Session Expiration due to the failure to revoke existing authenticated sessions after a password reset or password change process. An attacker can maintain unauthorized access to an account by reusing a previously obtained...

CVSS 7.1 | AI score 5.8 | EPSS 0.00014
Exploits: 2 | References: 2
CVE
added 2026/04/01 8:54 p.m., 4 views

CVE-2026-4820

IBM Maximo Application Suite is affected by CVE-2026-4820 due to the session cookie ltpatoken2_ not being marked Secure, enabling potential cookie theft over insecure links. Affected versions: 8.10, 8.11, 9.0, 9.1. Remediations: 8.10.33, 8.11.30, 9.0.19, 9.1.8. CVSS Base score: 4.3 (CWE-614: Sens...

CVSS 4.3 | AI score 5.8 | EPSS 0.00013
Exploits: 0 | References: 1 | Affected software: 1