CVE-2026-12112

CVE-2026-12112 affects the foreman-mcp-server MCP Server. The issue is a session management vulnerability where an improper cache of authenticated client connections allows an unauthenticated attacker to hijack active administrative sessions by trusting a non-secret session ID without re-validati...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Validates the session ID and tree ID in compound requests. The function smb2getmsg in smb2getksmbdtcon and smb2checkusersession always returns the first command in a compound request’s headers. If SMB2TREECONNECTHE is the...

CVE-2026-55197

Hermes WebUI before 0.51.443 contains a broken access control vulnerability in the /api/session endpoint that allows authenticated users to disclose cross-profile session transcripts. Attackers can bypass profile boundary checks by directly querying session IDs belonging to other profiles via GET...

GHSA-G8MR-85JM-7XHM Vitest Browser: Exposed Browser Mode API Can Proxy CDP and Overwrite Config Files, Leading to RCE

Summary Vitest Browser Mode exposes a cdp API that forwards raw Chrome DevTools Protocol CDP methods over the Vitest browser WebSocket RPC. CDP is not gated by browser.api.allowWrite, browser.api.allowExec, api.allowWrite, or api.allowExec. As a result, disabling Browser Mode write and exec...

CVE-2026-49843

FreeSWITCH vulnerability CVE-2026-49843 affects mod_verto before version 1.11.1. The JSON-RPC handler binds the client-supplied sessid on the first frame prior to authentication, inserting the connection into the global session hash and evicting any prior occupant on key collision (sending verto....

CVE-2009-10007

Catalyst::Plugin::Authentication versions before 0.10027 for Perl is susceptible to session fixation attacks. Catalyst::Plugin::Authentication does not automatically change the session id after authentication. An attacker that obtains a session id cookie can use this to impersonate the victim...

EUVD-2026-35326

A WebFlux application with a compromised subdomain for example, compromised via cross-site scripting XSS is vulnerable to an escalation attack exchanging a known session ID for that of an authenticated user. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0...

PT-2026-47726

Name of the Vulnerable Software and Affected Versions Catalyst::Plugin::Authentication versions prior to 0.10 027 Description The software is susceptible to session fixation attacks because it does not automatically change the session id after authentication. This allows an attacker who obtains a...

Security Bulletin: Unauthenticated Session History Access via Public Flow Execution

Summary A session ID namespace bypass vulnerability existed in Langflow OSS' POST /api/v1/buildpublictmp/flowid/flow endpoint that allowed unauthenticated attackers to access chat history from other users' sessions. The endpoint accepted an inputs.session parameter that could override the session...

CVE-2026-5083

Ado::Sessions versions through 0.935 for Perl generates insecure session ids. The session id is generated from a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked fr...

CVE-2026-42276

Onyx is an open-source AI platform. Prior to versions 3.0.9, 3.1.6, and 3.2.6, the POST /chat/stop-chat-session/chatsessionid endpoint lets any authenticated user stop any other user's active chat session. The endpoint checks authentication but never verifies the session belongs to the caller. An...

CVE-2026-46544

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO accepts client-supplied sessionid values in WebSocket task messages and reuses an existing in-memory session object if that sessionid already exists. If a prior session...

CVE-2026-30808

Session Fixation vulnerability allows Session Hijacking via crafted session ID. This issue affects Pandora FMS: from 777 through 800...

CVE-2026-45743

Termix before 2.3.2 has an IDOR flaw in 16 file-manager endpoints where the server fails to verify that the requester owns the SSH session identified by sessionId. An authenticated user who can guess another user’s active sessionId can read, write, delete, download, and execute files on the victi...

PT-2026-47019

Name of the Vulnerable Software and Affected Versions Termix versions prior to 2.3.2 Description Termix is a web-based server management platform providing SSH terminal, tunneling, and file editing capabilities. The File Manager functionality contains a Broken Access Control issue resulting from...

CVE-2026-10212

A vulnerability was identified in AstrBotDevs AstrBot 4.24.2. This affects the function astrmainagent of the file astrbot/core/astrmainagent.py. Such manipulation of the argument sessionid leads to authorization bypass. It is possible to launch the attack remotely. The exploit is publicly availab...

CVE-2026-10212 AstrBotDevs AstrBot astr_main_agent.py astr_main_agent authorization

A vulnerability was identified in AstrBotDevs AstrBot 4.24.2. This affects the function astrmainagent of the file astrbot/core/astrmainagent.py. Such manipulation of the argument sessionid leads to authorization bypass. It is possible to launch the attack remotely. The exploit is publicly availab...

CVE-2026-10212

A vulnerability was identified in AstrBotDevs AstrBot 4.24.2. This affects the function astrmainagent of the file astrbot/core/astrmainagent.py. Such manipulation of the argument sessionid leads to authorization bypass. It is possible to launch the attack remotely. The exploit is publicly availab...

CVE-2026-10212

CVE-2026-10212 concerns AstrBotDevs AstrBot 4.24.2, where the vulnerability resides in the function astr_main_agent of astrbot/core/astr_main_agent.py . Manipulation of the argument session_id enables an authorization bypass, with a remote attack possible. Public exploit availability is noted, an...

PT-2026-45244

A vulnerability was identified in AstrBotDevs AstrBot 4.24.2. This affects the function astr main agent of the file astrbot/core/astr main agent.py. Such manipulation of the argument session id leads to authorization bypass. It is possible to launch the attack remotely. The exploit is publicly...