Lucene search
K

4 matches found

NVD
NVD
added 2026/06/22 4:16 p.m.14 views

CVE-2026-56104

Chainlit before 2.10.1 contains a session hijacking vulnerability that allows unauthenticated attackers to restore and inherit authenticated user sessions by presenting a valid sessionId during WebSocket session restoration without ownership verification. Attackers can exploit the...

8.8CVSS0.00256EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/22 2:17 p.m.3 views

CVE-2026-56104

Chainlit before 2.10.1 contains a session hijacking vulnerability that allows unauthenticated attackers to restore and inherit authenticated user sessions by presenting a valid sessionId during WebSocket session restoration without ownership verification. Attackers can exploit the...

9.1CVSS5.9AI score0.00256EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/22 2:17 p.m.10 views

EUVD-2026-38285

Chainlit before 2.10.1 contains a session hijacking vulnerability that allows unauthenticated attackers to restore and inherit authenticated user sessions by presenting a valid sessionId during WebSocket session restoration without ownership verification. Attackers can exploit the...

9.1CVSS5.9AI score0.00256EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.10 views

PT-2026-51339

Name of the Vulnerable Software and Affected Versions Chainlit versions prior to 2.10.1 Description An issue exists where unauthenticated attackers can restore and inherit authenticated user sessions. This occurs during WebSocket session restoration when a valid sessionId is presented without...

8.8CVSS5.8AI score0.00256EPSS
Exploits0References7
Rows per page
Query Builder