2 matches found
CVE-2026-24894 FrankenPHP leaks session data between requests in worker mode
FrankenPHP is a modern application server for PHP. Prior to 1.11.2, when running FrankenPHP in worker mode, the $SESSION superglobal is not correctly reset between requests. This allows a subsequent request processed by the same worker to access the $SESSION data of the previous request potential...
GHSA-VJMR-6PMM-RPRF Dataease v1.11.1 SQL Injection via parameter dataSourceId
Dataease v1.11.1 was discovered to contain a SQL injection vulnerability via the parameter dataSourceId. Version 1.11.2 contains a fix...