Lucene search
K

4 matches found

EUVD
EUVD
added 2026/04/21 12:32 a.m.6 views

EUVD-2026-23983

HKUDS OpenHarness prior to PR 159 remediation contains a session key derivation vulnerability that allows authenticated participants in shared chats or threads to hijack other users' sessions by exploiting a shared ohmo session key that lacks sender identity verification. Attackers can reuse...

6.3CVSS5.8AI score0.00197EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/04/20 10:1 p.m.7 views

CVE-2026-6729 HKUDS OpenHarness Session Key Collision Privilege Escalation

HKUDS OpenHarness prior to PR 159 remediation contains a session key derivation vulnerability that allows authenticated participants in shared chats or threads to hijack other users' sessions by exploiting a shared ohmo session key that lacks sender identity verification. Attackers can reuse...

6.3CVSS5.8AI score0.00197EPSS
Exploits1References3
CVE
CVE
added 2026/04/20 10:1 p.m.11 views

CVE-2026-6729

CVE-2026-6729 concerns HKUDS OpenHarness before PR #159, where a session key derivation flaw allows authenticated participants in shared chats/threads to hijack other users’ sessions by exploiting a shared ohmo session key without sender identity verification. This enables reuse of another user’s...

7.6CVSS5.8AI score0.00197EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/04/20 10:1 p.m.34 views

CVE-2026-6729 HKUDS OpenHarness Session Key Collision Privilege Escalation

HKUDS OpenHarness prior to PR 159 remediation contains a session key derivation vulnerability that allows authenticated participants in shared chats or threads to hijack other users' sessions by exploiting a shared ohmo session key that lacks sender identity verification. Attackers can reuse...

6.3CVSS0.00197EPSS
Exploits1References3
Rows per page
Query Builder