CVE-2026-41588 RELATE: Timing Attack Vulnerability in course/auth.py — check_sign_in_key()

RELATE is a web-based courseware package. Prior to commit 2f68e16, there is a timing attack vulnerability in course/auth.py — checksigninkey. This issue has been patched via commit 2f68e16...

PT-2026-39141

Name of the Vulnerable Software and Affected Versions RELATE versions prior to commit 2f68e16 Description A timing attack exists in the check sign in key function within the course/auth.py file. A timing attack is a side-channel attack where an attacker attempts to compromise a system by analyzin...