CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

193 matches found

EUVD•added 2026/06/11 11:30 a.m.•7 views

EUVD-2026-36236

A vulnerability was determined in TwiN gatus 5.36.0. Impacted is the function setSessionCookie of the file security/oidc.go of the component OIDC Session Cookie Handler. Executing a manipulation can lead to sensitive cookie without secure attribute. The attack can be launched remotely. This attac...

6.3CVSS4.9AI score0.00191EPSS

Exploits0References6

IBM Security Bulletins•added 2026/04/01 7:9 p.m.•7 views

Security Bulletin: IBM Maximo Application Suite was vulnerable to CVE-2026-4820 because Cookie ltpatoken2_<workspace_name> was not set with secure flag

Summary IBM Maximo Application Suite was vulnerable to CVE-2026-4820 because Cookie ltpatoken2 was not set with secure flag Vulnerability Details CVEID:CVE-2026-4820 DESCRIPTION: IBM Maximo Application Suite does not set the secure attribute on authorization tokens or session cookies. Attackers m...

4.3CVSS5.8AI score0.00118EPSS

Exploits0Affected Software1

Snyk•added 2026/03/25 5:32 p.m.•2 views

Sensitive Cookie in HTTPS Session Without "Secure" Attribute

Overview @grackle-ai/server is a Grackle server orchestrator — spawns and wires core gRPC, web-server HTTP, MCP, and PowerLine Affected versions of this package are vulnerable to Sensitive Cookie in HTTPS Session Without "Secure" Attribute in the session process. An attacker can intercept session...

3.1CVSS5.9AI score

Exploits0References2

RedhatCVE•added 2026/01/09 12:31 p.m.•6 views

CVE-2023-4654

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository instantsoft/icms2 prior to 2.16.1...

3.5CVSS6.8AI score0.00289EPSS

Exploits1References1

Snyk•added 2025/12/18 8:46 p.m.•5 views

Sensitive Cookie in HTTPS Session Without "Secure" Attribute

Overview Kentico.Xperience.Libraries is a package for libraries and applications that use Kentico Xperience API. Affected versions of this package are vulnerable to Sensitive Cookie in HTTPS Session Without "Secure" Attribute via the SetValue method in the CookieHelper class. The requireSSL...

6.9CVSS6.8AI score0.00162EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2018-17251

Malware in sbrugna...

5.3CVSS5.5AI score0.00926EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2009-0415

Malware in sbrugna...

5CVSS6.3AI score0.01027EPSS

Exploits0References6