5 matches found
CVE-2026-41133
pyLoad is a free and open-source download manager written in Python. Versions up to and including 0.5.0b3.dev97 cache role and permission in the session at login and continue to authorize requests using these cached values, even after an admin changes the user's role/permissions in the database...
PT-2024-31566 · Pypi · Flask-Appbuilder
Name of the Vulnerable Software and Affected Versions: Flask-AppBuilder versions prior to 4.5.1
Description: The auth DB login form default cache directives in Flask-AppBuilder allow browsers to locally store sensitive data. This can be an issue in environments using shared computer resources...
CVE-2024-21619
A Missing Authentication for Critical Function vulnerability combined with a Generation of Error Message Containing Sensitive Information vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to access sensitive system...
PT-2018-13900 · Tgstation · Tgstation-Server
Name of the Vulnerable Software and Affected Versions: tgstation-server versions 3.2.1.0 through 3.2.4.0
Description: The issue allows active logins to be cached, enabling subsequent logins to succeed with any username or password. This is due to a bug in the WCF communication layer, where the...
CVE-2017-17734
CMS Made Simple CMSMS before 2.2.5 does not properly cache login information in sessions...