Lucene search
+L

2170 matches found

EUVD
EUVD
added 2026/04/16 6:31 p.m.6 views

EUVD-2026-23272

A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstaxauth session cookie and forge a new cookie with administrative privileges.This issue affects IStaX before 2026.03...

8.7CVSS5.8AI score0.00202EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/16 5:2 p.m.4 views

CVE-2026-2336

A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstaxauth session cookie and forge a new cookie with administrative privileges.This issue affects IStaX before 2026.03...

8.7CVSS5.8AI score0.00202EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/04/16 1:20 a.m.7 views

pyLoad has a Session Cookie Security Downgrade via Untrusted X-Forwarded-Proto Header Spoofing (Global State Race Condition)

Summary The setsessioncookiesecure beforerequest handler in src/pyload/webui/app/init.py reads the X-Forwarded-Proto header from any HTTP request without validating that the request originates from a trusted proxy, then mutates the global Flask configuration SESSIONCOOKIESECURE on every request...

4.8CVSS5.8AI score0.00171EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/04/16 1:20 a.m.10 views

GHSA-MP82-FMJ6-F22V pyLoad has a Session Cookie Security Downgrade via Untrusted X-Forwarded-Proto Header Spoofing (Global State Race Condition)

Summary The setsessioncookiesecure beforerequest handler in src/pyload/webui/app/init.py reads the X-Forwarded-Proto header from any HTTP request without validating that the request originates from a trusted proxy, then mutates the global Flask configuration SESSIONCOOKIESECURE on every request...

4.8CVSS5.8AI score0.00171EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.6 views

PT-2026-33346

A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstax auth session cookie and forge a new cookie with administrative privileges.This issue affects IStaX before 2026.03...

8.7CVSS5.8AI score0.00202EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.11 views

PT-2026-33285

Name of the Vulnerable Software and Affected Versions pyLoad affected versions not specified Description A race condition exists in the set session cookie secure before request handler within the src/pyload/webui/app/ init .py file. The application reads the X-Forwarded-Proto header from HTTP...

4.8CVSS5.7AI score0.00171EPSS
Exploits1References5
OSV
OSV
added 2026/04/15 12:42 a.m.7 views

CLEANSTART-2026-FA60324 It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session

Multiple security vulnerabilities affect the keycloak package. It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session. See references for individual vulnerability details...

9.8CVSS5.8AI score0.02405EPSS
Exploits0References19
Github Security Blog
Github Security Blog
added 2026/04/14 11:18 p.m.10 views

WWBN AVideo has CORS Origin Reflection with Credentials on Sensitive API Endpoints Enables Cross-Origin Account Takeover

Summary The allowOrigin$allowAll=true function in objects/functions.php reflects any arbitrary Origin header back in Access-Control-Allow-Origin along with Access-Control-Allow-Credentials: true. This function is called by both plugin/API/get.json.php and plugin/API/set.json.php — the primary API...

8.1CVSS5.9AI score0.00335EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/04/14 11:18 p.m.13 views

GHSA-CCQ9-R5CW-5HWQ WWBN AVideo has CORS Origin Reflection with Credentials on Sensitive API Endpoints Enables Cross-Origin Account Takeover

Summary The allowOrigin$allowAll=true function in objects/functions.php reflects any arbitrary Origin header back in Access-Control-Allow-Origin along with Access-Control-Allow-Credentials: true. This function is called by both plugin/API/get.json.php and plugin/API/set.json.php — the primary API...

8.1CVSS5.9AI score0.00335EPSS
Exploits1References4
NVD
NVD
added 2026/04/14 11:16 p.m.4 views

CVE-2026-34454

OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. A regression introduced in 7.11.0 prevents OAuth2 Proxy from clearing the session cookie when rendering the sign-in page. In deployments that rely on the sign-in page as part of their logout flow, a user may be...

3.5CVSS0.00183EPSS
Exploits0References2
OSV
OSV
added 2026/04/14 10:31 p.m.8 views

GHSA-F24X-5G9Q-753F OAuth2 Proxy's session cookies are not cleared when rendering sign-in page

Impact A regression introduced in v7.11.0 is preventing OAuth2 Proxy from clearing the session cookie when rendering the sign-in page. This only impacts deployments that rely on the sign-in page as part of their logout flow. In those setups, a user may be shown the sign-in page while the existing...

3.5CVSS5.8AI score0.00183EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/14 10:10 p.m.2 views

CVE-2026-34454 OAuth2 Proxy: Session cookie not cleared when rendering sign-in page

OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. A regression introduced in 7.11.0 prevents OAuth2 Proxy from clearing the session cookie when rendering the sign-in page. In deployments that rely on the sign-in page as part of their logout flow, a user may be...

3.5CVSS5.8AI score0.00183EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/14 10:10 p.m.4 views

CVE-2026-34454

OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. A regression introduced in 7.11.0 prevents OAuth2 Proxy from clearing the session cookie when rendering the sign-in page. In deployments that rely on the sign-in page as part of their logout flow, a user may be...

3.5CVSS5.8AI score0.00183EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/04/14 10:10 p.m.21 views

CVE-2026-34454 OAuth2 Proxy: Session cookie not cleared when rendering sign-in page

OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. A regression introduced in 7.11.0 prevents OAuth2 Proxy from clearing the session cookie when rendering the sign-in page. In deployments that rely on the sign-in page as part of their logout flow, a user may be...

3.5CVSS0.00183EPSS
Exploits0References2
CVE
CVE
added 2026/04/14 10:10 p.m.16 views

CVE-2026-34454

OAuth2 Proxy (oauth2-proxy) has a regression introduced in 7.11.0 where the session cookie is not cleared when rendering the sign-in page. This can allow a remaining authenticated session on the browser, particularly for logout flows that rely on the sign-in page. The issue is fixed in 7.15.2. De...

3.5CVSS5.8AI score0.00183EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/04/14 10:10 p.m.2 views

CVE-2026-34454 OAuth2 Proxy: Session cookie not cleared when rendering sign-in page

OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. A regression introduced in 7.11.0 prevents OAuth2 Proxy from clearing the session cookie when rendering the sign-in page. In deployments that rely on the sign-in page as part of their logout flow, a user may be...

3.5CVSS5.9AI score0.00183EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.9 views

PT-2026-32954

Name of the Vulnerable Software and Affected Versions OAuth2 Proxy versions 7.11.0 through 7.15.1 Description A regression prevents the reverse proxy from clearing the session cookie when rendering the sign-in page. In deployments relying on the sign-in page for the logout flow, the browser sessi...

3.5CVSS5.8AI score0.00183EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.16 views

OAuth2 Proxy 代码问题漏洞

OAuth2 Proxy is a product developed by OAuth2 Proxy organization that can provide a reverse proxy for authentication with Google, Github, or other providers. Versions of OAuth2 Proxy from 7.11.0 to 7.15.2 had code-related vulnerabilities. This vulnerability stemmed from a regression issue that...

3.5CVSS5.8AI score0.00183EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/09 11:25 p.m.40 views

SUSE CVE-2026-39324

Rack::Session is a session management implementation for Rack. From 2.0.0 to before 2.1.2, Rack::Session::Cookie incorrectly handles decryption failures when configured with secrets:. If cookie decryption fails, the implementation falls back to a default decoder instead of rejecting the cookie...

9.3CVSS5.8AI score0.0027EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/04/08 10:35 a.m.7 views

CVE-2026-39324

A flaw was found in Rack::Session. When configured with secrets, the Rack::Session::Cookie component incorrectly handles decryption failures. This allows an unauthenticated attacker to provide a specially crafted session cookie that is accepted as valid, even without knowledge of the configured...

9.8CVSS5.9AI score0.0027EPSS
Exploits1References2
Rows per page
Query Builder