CVE-2026-32132

ZITADEL is an open source identity management platform. Prior to 3.4.8 and 4.12.2, a potential vulnerability exists in Zitadel's passkey registration endpoints. This endpoint allows registering a new passkey using a previously retrieved code. An improper expiration check of the code, could allow ...

Online Course Registration Session Hijacking Vulnerability

Online Course Registration is an online course registration system. A session hijacking vulnerability exists in Online Course Registration, which stems from improper session expiration of the component /crm/change-password.php. No details of the vulnerability are available at this time...

PHPGurukul Online Course Registration 安全漏洞

Online Course Registration is an online course registration system. A session hijacking vulnerability exists in Online Course Registration, which stems from improper session expiration of the component /crm/change-password.php. No details of the vulnerability are available at this time...

Improper Expiration Of OTP Codes

org.keycloak:keycloak-core is vulnerable to Improper Expiration of OTP Codes. The vulnerability is due to the improper handling of OTP expiration in the FreeOTP implementation, where expired OTP codes remain usable for an additional 30 seconds, allowing them to be valid for a total of 1 minute...