203 matches found
PHP: PHP SoapServer: Memory corruption and information disclosure via incorrect persistence handling
A flaw was found in the PHP SoapServer component. When the server is configured to maintain session persistence, an error during a SOAP request can cause the system to incorrectly manage memory. This can lead to a "use-after-free" vulnerability, where the system attempts to use memory that has...
PT-2026-53925
Name of the Vulnerable Software and Affected Versions Hermes WebUI versions prior to 0.51.521 Description An authorization bypass occurs during the session import process. The /api/session/import endpoint validates the workspace of an imported session under the active named profile but fails to s...
GO-2026-5222 nhost has Session Persistence After Password Change in github.com/nhost/nhost
nhost has Session Persistence After Password Change in github.com/nhost/nhost...
EUVD-2026-38119
Flowise before 3.1.2 contains a mass assignment vulnerability in the PUT /api/v1/user endpoint that allows authenticated users to directly modify the credential field without validation. Attackers can bypass password change verification and session invalidation by supplying a crafted password has...
Exploit for Use of Incorrectly-Resolved Name or Reference in Apache Tomcat
CVE-2025-24813 - Apache Tomcat Partial PUT + Deserialization R...
CVE-2026-46656
Bludit is a content management system. Versions prior to 3.22.0 have a Broken Access Control flaw where active sessions remain valid even after the corresponding user account has been physically deleted from the database. This "Ghost Session" allows revoked users to maintain full unauthorized...
USN-8336-1: PHP vulnerabilities
Aleksey Solovev and Nikita Sveshnikov discovered that PHP improperly handled NUL bytes when preparing SQL queries in the PDO Firebird driver. An attacker could possibly use this issue to perform SQL injection attacks. CVE-2025-14179 It was discovered that PHP incorrectly handled certain encoding...
Important: php8.5
Issue Overview: uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes. CVE-2026-42371 In uriparser before 1.0.2, there is pointer difference truncation to int in various places. CVE-2026-44927 In uriparser before 1.0.2, t...
EUVD-2026-29822
A session management vulnerability in AOS-8 allows previously authenticated users to retain network access after their accounts are administratively disabled. Existing sessions are not invalidated when credentials are revoked, enabling continued access until session expiration. An attacker with...
CVE-2026-44873 Insufficient Session Invalidation on User Account Deactivation in AOS-8 Operating System
A session management vulnerability in AOS-8 allows previously authenticated users to retain network access after their accounts are administratively disabled. Existing sessions are not invalidated when credentials are revoked, enabling continued access until session expiration. An attacker with...
CVE-2026-44873
The CVE-2026-44873 entry describes a session-management vulnerability in the AOS-8 Operating System. Affected software: AOS-8. Vulnerable condition: existing authenticated sessions are not invalidated when credentials are revoked or accounts are administratively disabled, allowing continued netwo...
BIT-PHP-MIN-2026-7261 SoapServer session-persisted object use-after-free via SOAP header fault
In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...
BIT-PHP-2026-7261 SoapServer session-persisted object use-after-free via SOAP header fault
In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...
PT-2026-40308
In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAP PERSISTENCE SESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the...
SUSE CVE-2026-7261
In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...
Vaultwarden 代码问题漏洞
Vaultwarden is an alternative implementation of the Bitwarden server API, developed by Daniel García. Versions of Vaultwarden prior to 1.35.5 contained code vulnerabilities. These vulnerabilities stemmed from the fact that when a user’s security token was refreshed through certain sensitive...
CVE-2026-7261
CVE-2026-7261 affects PHP SOAP when SOAP_PERSISTENCE_SESSION is used. In PHP 8.2.x before 8.2.31, 8.3.x before 8.3.31, 8.4.x before 8.4.21, and 8.5.x before 8.5.6, the SOAP handler object is persisted across requests via session storage. If a SOAP fault occurs, the persistence handling frees the ...
Unity Linux 20.1060e / 20.1070e Security Update: tomcat (UTSA-2026-017355)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017355 advisory. The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56...
nhost has Session Persistence After Password Change
Description When a user changes their password, either through the authenticated password change endpoint or a password reset ticket, the ChangePassword workflow correctly hashes and persists the new password via UpdateUserChangePassword. However, it does not revoke existing sessions. The...
GHSA-7HGR-XVRR-XPW3 nhost has Session Persistence After Password Change
Description When a user changes their password, either through the authenticated password change endpoint or a password reset ticket, the ChangePassword workflow correctly hashes and persists the new password via UpdateUserChangePassword. However, it does not revoke existing sessions. The...