Lucene search
K

93 matches found

CVE
CVE
added yesterday10 views

CVE-2026-61500

Affected software: Rejetto HFS 3.0.0–3.2.0. Root cause: session-cookie signing key derived from the non‑cryptographic Math.random() generator; outputs disclosed to unauthenticated clients during login. Impact: remote attacker can observe login responses, reconstruct the generator state, recover t...

9.8CVSS6.5AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-57841

Name of the Vulnerable Software and Affected Versions Rejetto HFS versions 3.0.0 through 3.2.0 Description The software derives its session-cookie signing key from the non-cryptographic Math.random generator and discloses outputs of this generator to unauthenticated clients during login. A remote...

9.8CVSS6.5AI score
Exploits0References6
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-42510

The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not sign or verify its guest-session cookie, allowing unauthenticated attackers to forge it and impersonate any ticket owner identified by email address to read, reply to, and close that person's support tickets...

5.3CVSS6AI score0.00193EPSS
Exploits0References1
CVE
CVE
added 5 days ago8 views

CVE-2026-11875

Affected software: WP Support Plus Responsive Ticket System WordPress plugin (up to version 9.1.2). Issue: guest-session cookies are neither signed nor verified, enabling unauthenticated attackers to forge a cookie and impersonate another ticket owner (identified by email) to read, reply to, and ...

5.3CVSS6AI score0.00193EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago34 views

CVE-2026-11875 WP Support Plus Responsive Ticket System <= 9.1.2 - Unauthenticated Support Ticket Access via Session Cookie Forgery

The WP Support Plus Responsive Ticket System WordPress plugin through 9.1.2 does not sign or verify its guest-session cookie, allowing unauthenticated attackers to forge it and impersonate any ticket owner identified by email address to read, reply to, and close that person's support tickets...

0.00193EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/07/02 4:6 p.m.11 views

CVE-2026-54887 DTLS server cookie bypass during startup window due to empty initial cookie secret

Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtlsserverconnection:initialhello/3 initializes previouscookiesecret to the empty...

6.3CVSS5.8AI score0.00243EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/02 4:6 p.m.8 views

EUVD-2026-41411

Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtlsserverconnection:initialhello/3 initializes previouscookiesecret to the empty...

6.3CVSS5.8AI score0.00243EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40433

Flowise before 3.1.0 affected versions 3.0.13 and earlier uses a weak hardcoded default secret 'flowise' for the express-session middleware when the EXPRESSSESSIONSECRET environment variable is not set packages/server/src/enterprise/middleware/passport/index.ts. Because this default secret is...

9.3CVSS5.8AI score0.0036EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.7 views

CVE-2026-56278

Flowise before 3.1.0 affected versions 3.0.13 and earlier uses a weak hardcoded default secret 'flowise' for the express-session middleware when the EXPRESSSESSIONSECRET environment variable is not set packages/server/src/enterprise/middleware/passport/index.ts. Because this default secret is...

9.3CVSS5.8AI score0.0036EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/06/01 12:2 p.m.122 views

Exploit for Reliance on Cookies without Validation and Integrity Checking in Paloaltonetworks Pan-Os

CVE-2026-0257 - Palo Alto Networks GlobalProtect Authenticatio...

9.1CVSS6AI score0.86678EPSS
Exploits11
NVD
NVD
added 2026/05/25 9:16 p.m.22 views

CVE-2026-44598

With valid login credentials, URL Redirection to Untrusted Site 'Open Redirect', Server-Side Request Forgery SSRF vulnerability in Apache Shiro. This issue affects Apache Shiro from 2.0-alpha to 2.1.0, and 3.0.0-alpha-1, only when using shiro-jakarta-ee integration module. Users are recommended t...

5.4CVSS0.00383EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/25 9:16 p.m.12 views

CVE-2026-44598

With valid login credentials, URL Redirection to Untrusted Site 'Open Redirect', Server-Side Request Forgery SSRF vulnerability in Apache Shiro. This issue affects Apache Shiro from 2.0-alpha to 2.1.0, and 3.0.0-alpha-1, only when using shiro-jakarta-ee integration module. Users are recommended t...

5.4CVSS5.9AI score0.00383EPSS
Exploits0References4
OSV
OSV
added 2026/05/25 9:16 p.m.8 views

UBUNTU-CVE-2026-44598

With valid login credentials, URL Redirection to Untrusted Site 'Open Redirect', Server-Side Request Forgery SSRF vulnerability in Apache Shiro. This issue affects Apache Shiro from 2.0-alpha to 2.1.0, and 3.0.0-alpha-1, only when using shiro-jakarta-ee integration module. Users are recommended t...

5.4CVSS5.9AI score0.00383EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/25 8:19 p.m.9 views

CVE-2026-44598 Apache Shiro Jakarta EE module: Open redirect and SSRF (requires valid credentials)

With valid login credentials, URL Redirection to Untrusted Site 'Open Redirect', Server-Side Request Forgery SSRF vulnerability in Apache Shiro. This issue affects Apache Shiro from 2.0-alpha to 2.1.0, and 3.0.0-alpha-1, only when using shiro-jakarta-ee integration module. Users are recommended t...

5.1CVSS5.9AI score0.00383EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in PHP 7.3

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23, and 7.4.x below 7.4.11, when PHP processes incoming HTTP cookie values, the cookie names are url-decoded. This may result in cookies with prefixes like Host being confused with cookies that are decoded with such prefixes. As a consequence,...

5.3CVSS6.6AI score0.05029EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: rubygem-rack (UTSA-2026-017803)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017803 advisory. A reliance on cookies without validation/integrity check security vulnerability exists in rack 2.2.3, rack 2.1.4 that makes it is possible for an attacker to forge a...

7.5CVSS6.7AI score0.02938EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/04/16 5:2 p.m.4 views

CVE-2026-2336

A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstaxauth session cookie and forge a new cookie with administrative privileges.This issue affects IStaX before 2026.03...

8.7CVSS5.8AI score0.00202EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/16 5:2 p.m.3 views

CVE-2026-2336 Weak webstax_auth Cookie Authentication Allows Privilege Escalation

A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstaxauth session cookie and forge a new cookie with administrative privileges.This issue affects IStaX before 2026.03...

8.7CVSS5.8AI score0.00202EPSS
Exploits0References1
OSV
OSV
added 2026/04/03 3:41 a.m.3 views

GHSA-FMG6-246M-9G2V Auth0 laravel-auth0 SDK has Insufficient Entropy in Cookie Encryption

Impact In applications built with the Auth0 PHP SDK, cookies are encrypted with insufficient entropy, which may result in threat actors brute-forcing the encryption key and forging session cookies. Am I Affected? You are affected if you meet the following preconditions: - Applications using...

8.2CVSS5.9AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/23 12:9 p.m.4 views

CVE-2026-31848 Reversible ecos_pw Cookie Allows Authentication Bypass in Nexxt Nebula 300+

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 uses the ecospw cookie for authentication, which contains Base64-encoded credential data combined with a static suffix. Because the encoding is reversible and lacks integrity protection, an attacker can reconstruct or forge a valid...

8.7CVSS5.8AI score0.00281EPSS
Exploits0References2
Rows per page
Query Builder