CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/06/15 8:5 p.m.•8 views

GHSA-G8MR-85JM-7XHM Vitest Browser: Exposed Browser Mode API Can Proxy CDP and Overwrite Config Files, Leading to RCE

Summary Vitest Browser Mode exposes a cdp API that forwards raw Chrome DevTools Protocol CDP methods over the Vitest browser WebSocket RPC. CDP is not gated by browser.api.allowWrite, browser.api.allowExec, api.allowWrite, or api.allowExec. As a result, disabling Browser Mode write and exec...

9.8CVSS5.8AI score0.00089EPSS

Exploits0References2

CVE•added 2026/06/09 4:4 p.m.•16 views

CVE-2026-49843

FreeSWITCH vulnerability CVE-2026-49843 affects mod_verto before version 1.11.1. The JSON-RPC handler binds the client-supplied sessid on the first frame prior to authentication, inserting the connection into the global session hash and evicting any prior occupant on key collision (sending verto....

5.3CVSS5.4AI score0.00284EPSS

Exploits0References2Affected Software1

Debian CVE•added 2026/06/09 7:34 a.m.•8 views

CVE-2009-10007

Catalyst::Plugin::Authentication versions before 0.10027 for Perl is susceptible to session fixation attacks. Catalyst::Plugin::Authentication does not automatically change the session id after authentication. An attacker that obtains a session id cookie can use this to impersonate the victim...

9.1CVSS5.5AI score0.00396EPSS

Exploits0

EUVD•added 2026/06/09 3:49 a.m.•7 views

EUVD-2026-35326

A WebFlux application with a compromised subdomain for example, compromised via cross-site scripting XSS is vulnerable to an escalation attack exchanging a known session ID for that of an authenticated user. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0...

4.2CVSS5.2AI score0.00133EPSS

Positive Technologies•added 2026/06/09 12:0 a.m.•8 views

PT-2026-47726

Name of the Vulnerable Software and Affected Versions Catalyst::Plugin::Authentication versions prior to 0.10 027 Description The software is susceptible to session fixation attacks because it does not automatically change the session id after authentication. This allows an attacker who obtains a...

9.1CVSS5.4AI score0.00396EPSS

Exploits0References8

IBM Security Bulletins•added 2026/06/08 6:47 p.m.•6 views

Security Bulletin: Unauthenticated Session History Access via Public Flow Execution

Summary A session ID namespace bypass vulnerability existed in Langflow OSS' POST /api/v1/buildpublictmp/flowid/flow endpoint that allowed unauthenticated attackers to access chat history from other users' sessions. The endpoint accepted an inputs.session parameter that could override the session...

8.1CVSS5.5AI score0.00248EPSS

Exploits0Affected Software1

RedhatCVE•added 2026/06/05 7:49 p.m.•7 views

CVE-2026-5083

Ado::Sessions versions through 0.935 for Perl generates insecure session ids. The session id is generated from a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked fr...

5.3CVSS5.4AI score0.00428EPSS

RedhatCVE•added 2026/06/05 7:30 p.m.•7 views

CVE-2026-42276

Onyx is an open-source AI platform. Prior to versions 3.0.9, 3.1.6, and 3.2.6, the POST /chat/stop-chat-session/chatsessionid endpoint lets any authenticated user stop any other user's active chat session. The endpoint checks authentication but never verifies the session belongs to the caller. An...

4.3CVSS5.4AI score0.00279EPSS

Exploits1References1

RedhatCVE•added 2026/06/05 7:29 p.m.•9 views

CVE-2026-46544

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO accepts client-supplied sessionid values in WebSocket task messages and reuses an existing in-memory session object if that sessionid already exists. If a prior session...

5.3CVSS5.5AI score0.00422EPSS

RedhatCVE•added 2026/06/05 7:21 p.m.•8 views

CVE-2026-30808

Session Fixation vulnerability allows Session Hijacking via crafted session ID. This issue affects Pandora FMS: from 777 through 800...

8.1CVSS5.5AI score0.00267EPSS

CVE•added 2026/06/05 5:56 p.m.•17 views

CVE-2026-45743

Termix before 2.3.2 has an IDOR flaw in 16 file-manager endpoints where the server fails to verify that the requester owns the SSH session identified by sessionId. An authenticated user who can guess another user’s active sessionId can read, write, delete, download, and execute files on the victi...

8.1CVSS5.6AI score0.00234EPSS

Exploits1References2Affected Software1

Positive Technologies•added 2026/06/05 12:0 a.m.•9 views

PT-2026-47019

Name of the Vulnerable Software and Affected Versions Termix versions prior to 2.3.2 Description Termix is a web-based server management platform providing SSH terminal, tunneling, and file editing capabilities. The File Manager functionality contains a Broken Access Control issue resulting from...

9CVSS5.8AI score0.00321EPSS

Exploits1References6

NVD•added 2026/06/01 3:16 a.m.•11 views

CVE-2026-10212

A vulnerability was identified in AstrBotDevs AstrBot 4.24.2. This affects the function astrmainagent of the file astrbot/core/astrmainagent.py. Such manipulation of the argument sessionid leads to authorization bypass. It is possible to launch the attack remotely. The exploit is publicly availab...

6.5CVSS0.00211EPSS

ATTACKERKB•added 2026/06/01 1:30 a.m.•6 views

CVE-2026-10212

Exploits0References5Affected Software1

Vulnrichment•added 2026/06/01 1:30 a.m.•9 views

CVE-2026-10212 AstrBotDevs AstrBot astr_main_agent.py astr_main_agent authorization

CVE•added 2026/06/01 1:30 a.m.•18 views

CVE-2026-10212

CVE-2026-10212 concerns AstrBotDevs AstrBot 4.24.2, where the vulnerability resides in the function astr_main_agent of astrbot/core/astr_main_agent.py . Manipulation of the argument session_id enables an authorization bypass, with a remote attack possible. Public exploit availability is noted, an...

Positive Technologies•added 2026/06/01 12:0 a.m.•10 views

PT-2026-45244

A vulnerability was identified in AstrBotDevs AstrBot 4.24.2. This affects the function astr main agent of the file astrbot/core/astr main agent.py. Such manipulation of the argument session id leads to authorization bypass. It is possible to launch the attack remotely. The exploit is publicly...