magento-lts 安全特征问题漏洞

Magento LTS is an open-source alternative to OpenMage, designed as a reliable substitute for the official Magento CE version. Versions of Magento LTS prior to 20.18.0 had security vulnerabilities. These vulnerabilities stemmed from the XML-RPC/SOAP API session IDs using time-based, outdated...

CVE-2025-53895 ZITADEL has broken authN and authZ in session API and resulting session tokens

ZITADEL is an open source identity management system. Starting in version 2.53.0 and prior to versions 4.0.0-rc.2, 3.3.2, 2.71.13, and 2.70.14, vulnerability in ZITADEL's session management API allows any authenticated user to update a session if they know its ID, due to a missing permission chec...