Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940: cPanel/WHM Authentication Bypass Disclaim...

Exploit for CVE-2026-41940

SessionScribe - CVE-2026-41940 Detection, mitigation, and rev...

SUSE CVE-2023-54076

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix missed ses refcounting Use new cifssmbsesincrefcount helper to get an active reference of @ses and @ses-dfsrootses if set. This will prevent @ses-dfsrootses of being put in the next call to cifsputsmbses and thus...

EUVD-2023-60250

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix missed ses refcounting Use new cifssmbsesincrefcount helper to get an active reference of @ses and @ses-dfsrootses if set. This will prevent @ses-dfsrootses of being put in the next call to cifsputsmbses and thus...

UBUNTU-CVE-2023-54076

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix missed ses refcounting Use new cifssmbsesincrefcount helper to get an active reference of @ses and @ses-dfsrootses if set. This will prevent @ses-dfsrootses of being put in the next call to cifsputsmbses and thus...

CVE-2023-54076 smb: client: fix missed ses refcounting

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix missed ses refcounting Use new cifssmbsesincrefcount helper to get an active reference of @ses and @ses-dfsrootses if set. This will prevent @ses-dfsrootses of being put in the next call to cifsputsmbses and thus...

CVE-2023-54076

Technical details about CVE-2023-54076 are not publicly provided in the supplied documents. Monitor for vendor advisories for full specifics and remediation guidance.

PT-2025-53074

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s SMB client implementation related to session reference counting. Specifically, the code failed to properly increment session references using the cifs...

EUVD-2022-7575

Malicious code in bioql PyPI...

SUSE CVE-2023-53052

In the Linux kernel, the following vulnerability has been resolved: cifs: fix use-after-free bug in refreshcacheworker The UAF bug occurred because we were putting DFS root sessions in cifsumount while DFS cache refresher was being executed. Make DFS root sessions have same lifetime as DFS tcons ...

UBUNTU-CVE-2023-53052

In the Linux kernel, the following vulnerability has been resolved: cifs: fix use-after-free bug in refreshcacheworker The UAF bug occurred because we were putting DFS root sessions in cifsumount while DFS cache refresher was being executed. Make DFS root sessions have same lifetime as DFS tcons ...

Ispmanager Security Vulnerability

Ispmanager is a Linux-based control panel from Ispmanager, Inc. It is used to manage dedicated, gaming and VPS web servers, as well as sell shared hosting. A security vulnerability exists in Ispmanager version 6.98.0, which stems from an information disclosure issue that allows an attacker to...

CVE-2022-3916 Keycloak: session takeover with oidc offline refreshtokens

A flaw was found in the offlineaccess scope in Keycloak. This issue would affect users of shared computers more especially if cookies are not cleared, due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to...

keycloak: Session takeover with OIDC offline refreshtokens

A flaw was found in the offlineaccess scope in Keycloak. This issue would affect users of shared computers more especially if cookies are not cleared, due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to...

keycloak: Session takeover with OIDC offline refreshtokens

A flaw was found in the offlineaccess scope in Keycloak. This issue would affect users of shared computers more especially if cookies are not cleared, due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to...

keycloak: Session takeover with OIDC offline refreshtokens

A flaw was found in the offlineaccess scope in Keycloak. This issue would affect users of shared computers more especially if cookies are not cleared, due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to...

Keycloak vulnerable to session takeover with OIDC offline refreshtokens

An issue was discovered in Keycloak when using a client with the offlineaccess scope. Reuse of session ids across root and user authentication sessions and a lack of root session validation enabled attackers to resolve a user session attached to a different previously authenticated user. This iss...

keycloak: Session takeover with OIDC offline refreshtokens

A flaw was found in the offlineaccess scope in Keycloak. This issue would affect users of shared computers more especially if cookies are not cleared, due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to...

keycloak: Session takeover with OIDC offline refreshtokens

A flaw was found in the offlineaccess scope in Keycloak. This issue would affect users of shared computers more especially if cookies are not cleared, due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to...

keycloak: Session takeover with OIDC offline refreshtokens

A flaw was found in the offlineaccess scope in Keycloak. This issue would affect users of shared computers more especially if cookies are not cleared, due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to...