2 matches found
CVE-2026-26060
Fleet is open source device management software. Prior to 4.81.0, a vulnerability in Fleet’s password management logic could allow previously issued password reset tokens to remain valid after a user changes their password. As a result, a stale password reset token could be reused to reset the...
Insecure Session Handling
github.com/coder/coder is vulnerable to Insecure Session Handling. The vulnerability is due to stale session tokens in prebuilt workspaces, allowing attackers to reuse them to gain unauthorized access...