EUVD-2026-38509

Low‑privileged session IDs generated for the web admin console could be reused in the XML‑RPC API, whose authentication is normally restricted to admin users. An attacker could leverage this to gain unauthorised access and exploit API‑level vulnerabilities. The session context web/API is now...

EUVD-2026-38451

FOSSBilling is a free, open-source billing and client management system. Starting in version 0.5.4 and prior to version 0.8.0, an authorization bypass in the API role handling allows unauthenticated access to privileged /api/system/ endpoints. Because system resolves to the cron admin identity,...

DomainMOD 4.11.01 - Cross-Site Scripting

DomainMOD 4.11.01 is vulnerable to cross-site scripting via the segments/add.php Segment Name field. id: CVE-2018-1000856 info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD 4.11.01 is vulnerable to cross-site scripting via the...

Lightdash v0.1024.6 - Server-Side Request Forgery

Server-Side Request Forgery “SSRF” in the export dashboard functionality of Lightdash version 0.1024.6 allows remote authenticated threat actors to obtain the session cookie of any user who exports a crafted dashboard. When they are exported, dashboards containing HTML elements can trigger HTTP...

CVE-2026-48505

Filament is a collection of full-stack components for accelerated Laravel development. From 4.0.0 until 4.11.5 and 5.6.5, a flaw in the handling of recovery codes for app-based multi-factor authentication allows the same recovery code to be reused via concurrent submission. This issue does not...

WP Sessions Time Monitoring Full Automatic <= 1.0.8 - SQL Injection

The WP Sessions Time Monitoring Full Automatic plugin for WordPress is vulnerable to SQL Injection via request parameters in all versions up to, and including, 1.0.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This make...

CVE-2026-52911

In the Linux kernel, the following vulnerability has been resolved: ksmbd: scope conn-binding slowpath to bound sessions only When the binding SESSIONSETUP sets conn-binding = true, the flag stays set after the call so that the global session lookup in ksmbdsessionlookupall can find the session,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: cifs: A use-after-free bug has been fixed in refreshcacheworker. The UAF bug occurred because we were putting DFS root sessions into cifsumount while the DFS cache refresher was executing. We have ensured that DFS root session...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: smb: client: fixed a use-after-free bug in cifsdebugdataprocShow Skipped SMB sessions that are being terminated e.g., @ses-sesstatus == SESEXITING in cifsdebugdataProcShow to avoid use-after-free issues with @ses. This fix...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: -misc: fastrpc: fix memory corruption on probe A missing sanity check has been added to the count of probed sessions, to prevent memory corruption beyond the fixed-size slab-alocated session array when there are more than...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The issue of a null pointer dereference error in generateencryptionkey has been fixed. If a client sends two session setups with KRB5 authentication to ksmbd, a null pointer dereference error in generateencryptionkey can...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: smb: Client: Fixed a potential Use-after-Free UAF in smb2isnetworknamedeleted. Skipped sessions that are being terminated status == SESEXITING to avoid UAF...

CVE-2026-9692

Mojolicious::Sessions::Storable versions through 0.05 for Perl generate session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, the heap address of an anonymous hash, and the PID. These are predictable or low-entropy...

EUVD-2026-37926

Mojolicious::Sessions::Storable versions through 0.05 for Perl generate session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, the heap address of an anonymous hash, and the PID. These are predictable or low-entropy...

CVE-2026-9692

Summary (CVE-2026-9692): Mojolicious::Sessions::Storable in Perl versions up to 0.05 generates insecure session IDs. The default generator seeds a SHA-1 hash with a mix of low-entropy sources: built-in rand, epoch time, heap address of an anonymous hash, and the process ID, making IDs predictable...

CVE-2026-55198

Hermes WebUI before 0.51.443 contains an authorization bypass vulnerability in the session export endpoint that allows authenticated users to access sessions from other profiles. The handlesessionexport handler in api/routes.py fails to verify active-profile ownership before serializing session...

CVE-2026-55198

Hermes WebUI prior to 0.51.443 contains an authorization bypass in the session export endpoint. The _handle_session_export handler in api/routes.py fails to verify active-profile ownership before serializing session data, allowing authenticated users to exfiltrate transcripts from other profiles ...

n8n: MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions

Impact When @n8n/mcp-browser is run in HTTP transport mode, the MCP endpoint accepts session initialization and tool invocation requests without any authentication. Any network-reachable client, or any website visited by the user, can establish an MCP session and invoke browser-control tools. Whe...

NPM: n8n: MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions

NPM: n8n: MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions vulnerability discovered by ? in WordPress Npm n8n versions 2.25.7...

CVE-2026-10831

A denial-of-service vulnerability exists in NPort devices because of improper access control on the command port. The command interface does not properly validate whether a sender is associated with a valid data port session before accepting break signal commands. A remote attacker with network...