Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Vulnrichment
Vulnrichmentadded 2026/02/12 7:12 p.m.3 views

CVE-2026-24894 FrankenPHP leaks session data between requests in worker mode

FrankenPHP is a modern application server for PHP. Prior to 1.11.2, when running FrankenPHP in worker mode, the $SESSION superglobal is not correctly reset between requests. This allows a subsequent request processed by the same worker to access the $SESSION data of the previous request potential...

8.7CVSS5.5AI score0.0006EPSS
Exploits1References3
Github Security Blog
Github Security Blogadded 2026/02/12 3:29 p.m.8 views

FrankenPHP leaks session data between requests in worker mode

Summary When running FrankenPHP in worker mode, the $SESSION superglobal is not correctly reset between requests. This allows a subsequent request processed by the same worker to access the $SESSION data of the previous request potentially belonging to a different user before sessionstart is...

8.7CVSS5.6AI score0.0006EPSS
Exploits1References5Affected Software1
OSV
OSVadded 2023/04/12 11:15 p.m.0 views

CVE-2023-22620

An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows sessionid information disclosure via an invalid authentication attempt. This can afterwards be used to bypass the device's authentication and get access to the administrative interface...

7.5CVSS7.1AI score0.84219EPSS
Exploits4References4
Rows per page
Query Builder