CVE-2026-39972

Mercure is a protocol for pushing data updates to web browsers and other HTTP clients in a battery-efficient way. Prior to 0.22.0, a cache key collision vulnerability in TopicSelectorStore allows an attacker to poison the match result cache, potentially causing private updates to be delivered to...

CVE-2026-44552

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the toolservers and terminalservers keys in utils/tools.py do use a prefix. When two or more Open WebUI instances share a Redis database a supported and documented deployment pattern...

CVE-2026-44552

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the toolservers and terminalservers keys in utils/tools.py do use a prefix. When two or more Open WebUI instances share a Redis database a supported and documented deployment pattern...

CVE-2026-30246

Fiber is a web framework for Go. In github.com/gofiber/fiber/v3 versions through 3.1.0, the default key generator in the cache middleware uses only the request path and does not include the query string. As a result, requests for the same path with different query parameters can share a cache key...

CVE-2026-41131

A flaw was found in OpenFGA, an authorization and permission engine. When certain authorization models use conditions with caching enabled, the system can incorrectly generate the same cache key for different requests. This error causes OpenFGA to reuse an outdated authorization decision,...

CVE-2026-6729 HKUDS OpenHarness Session Key Collision Privilege Escalation

HKUDS OpenHarness prior to PR 159 remediation contains a session key derivation vulnerability that allows authenticated participants in shared chats or threads to hijack other users' sessions by exploiting a shared ohmo session key that lacks sender identity verification. Attackers can reuse...

CVE-2026-6729

CVE-2026-6729 concerns HKUDS OpenHarness before PR #159, where a session key derivation flaw allows authenticated participants in shared chats/threads to hijack other users’ sessions by exploiting a shared ohmo session key without sender identity verification. This enables reuse of another user’s...

CVE-2026-6729 HKUDS OpenHarness Session Key Collision Privilege Escalation

HKUDS OpenHarness prior to PR 159 remediation contains a session key derivation vulnerability that allows authenticated participants in shared chats or threads to hijack other users' sessions by exploiting a shared ohmo session key that lacks sender identity verification. Attackers can reuse...

CVE-2026-39972

Mercure is a protocol for pushing data updates to web browsers and other HTTP clients in a battery-efficient way. Prior to 0.22.0, a cache key collision vulnerability in TopicSelectorStore allows an attacker to poison the match result cache, potentially causing private updates to be delivered to...

EUVD-2026-20967

Mercure is a protocol for pushing data updates to web browsers and other HTTP clients in a battery-efficient way. Prior to 0.22.0, a cache key collision vulnerability in TopicSelectorStore allows an attacker to poison the match result cache, potentially causing private updates to be delivered to...

CVE-2026-39972 Mercure has a Topic Selector Cache Key Collision

Mercure is a protocol for pushing data updates to web browsers and other HTTP clients in a battery-efficient way. Prior to 0.22.0, a cache key collision vulnerability in TopicSelectorStore allows an attacker to poison the match result cache, potentially causing private updates to be delivered to...

CVE-2026-39972

CVE-2026-39972 affects Mercure prior to 0.22.0. A cache key collision in TopicSelectorStore arises from concatenating topicSelector and topic with an underscore, which can produce identical keys for different pairs because both fields may contain underscores. An attacker who can subscribe or publ...

CVE-2026-39972

Mercure is a protocol for pushing data updates to web browsers and other HTTP clients in a battery-efficient way. Prior to 0.22.0, a cache key collision vulnerability in TopicSelectorStore allows an attacker to poison the match result cache, potentially causing private updates to be delivered to...

PT-2026-31661

Impact A cache key collision vulnerability in TopicSelectorStore allows an attacker to poison the match result cache, potentially causing private updates to be delivered to unauthorized subscribers or blocking delivery to authorized ones. The cache key was constructed by concatenating the topic...

OpenFGA's BatchCheck within-request deduplication produces incorrect authorization decisions via list-value cache-key collision

Description In OpenFGA, under specific conditions, BatchCheck calls with multiple checks sent for the same object, relation, and user combination can result in improper policy enforcement. Am I affected? You are affected if you meet the following preconditions: 1. You execute BatchCheck operation...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization when BatchCheck calls with multiple checks are sent for the same object, relation, and user combination. An attacker can cause incorrect authorization decisions by exploiting a cache-key collision involving list...

CVE-2026-34972 OpenFGA's BatchCheck within-request deduplication produces incorrect authorization decisions via list-value cache-key collision

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. From 1.8.0 to 1.13.1, under specific conditions, BatchCheck calls with multiple checks sent for the same object, relation, and user combination can result in improper...

CVE-2026-34972

OpenFGA vulnerability CVE-2026-34972 affects OpenFGA versions 1.8.0 through 1.13.1. The issue arises when BatchCheck is invoked with multiple checks for the same object, relation, and user, leading to improper policy enforcement. It is resolved in version 1.14.0. CVSS metrics indicate high impact...

CVE-2026-35039 fast-jwt Affected by Cache Confusion via cacheKeyBuilder Collisions Can Return Claims From a Different Token (Identity/Authorization Mixup)

fast-jwt provides fast JSON Web Token JWT implementation. From 0.0.1 to before 6.2.0, setting up a custom cacheKeyBuilder method which does not properly create unique keys for different tokens can lead to cache collisions. This could cause tokens to be mis-identified during the verification proce...

CVE-2026-35039

CVE-2026-35039 — fast-jwt cacheKeyBuilder collision leads to identity/authorization mixups Multiple connected sources describe a cache-confusion vulnerability in fast-jwt where a user-supplied cacheKeyBuilder can fail to produce unique keys for different tokens. When caching is enabled, two disti...