Search Vulnerabilities

MISP AAD authentication plugin - Improper OAuth State Handling, Missing Session Rotation, Insecure Redirect URI Validation, and Log Injection

CVE-2026-12581

Digiwin｜EasyFlow .NET - Session Fixation

CVE-2009-10007

Catalyst::Plugin::Authentication versions before 0.10_027 for Perl is susceptible to session fixation attacks

CVE-2026-41839

Spring Framework Escalation via Session Fixation in WebFlux

CVE-2026-11335

tittuvarghese CollegeManagementSystem login-form.php session_start session fixiation

Jun 5, 2026

CVE-2026-33384

Session Fixation in QuickCMS

May 29, 2026

CVE-2026-48545

Gradio < 6.15.0 Cookie Injection via Shared Proxy Client

May 27, 2026

CVE-2026-43827

Apache Shiro: Session fixation: new session is not created after login by default

May 25, 2026

CVE-2026-45773

Turborepo: Login callback CSRF/session fixation

May 15, 2026

CVE-2026-41613

Visual Studio Code Elevation of Privilege Vulnerability

CVE-2026-30808

Session Fixation in Authentication leads to Session Hijacking

CVE-2025-46605

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8

Apr 17, 2026

CVE-2026-34454

LOW

OAuth2 Proxy: Session cookie not cleared when rendering sign-in page

Apr 14, 2026

CVE-2026-31940

Session Fixation in Chamilo LMS

Apr 10, 2026

CVE-2026-33946

MCP Ruby SDK: Insufficient Session Binding Allows SSE Stream Hijacking via Session ID Replay

CVE-2026-33757

OpenBao lacks user confirmation for OIDC direct callback mode

CVE-2026-25101

Session Fixation in Bludit

CVE-2025-55266

HCL Aftermarket DPC is affected by Session Fixation

Mar 26, 2026

CVE-2026-33492

AVideo has Session Fixation via GET PHPSESSID Parameter With Disabled Login Session Regeneration

Mar 23, 2026

CVE-2026-30224

OliveTin: Session Fixation - Logout Fails to Invalidate Server-Side Session

Mar 6, 2026

Showing 1 - 20 of 1,000+ results

...

Searching...

Filters

1,000+ results

CVE-2026-56425

MISP AAD authentication plugin - Improper OAuth State Handling, Missing Session Rotation, Insecure Redirect URI Validation, and Log Injection

CVE-2026-12581

Digiwin｜EasyFlow .NET - Session Fixation

CVE-2009-10007

Catalyst::Plugin::Authentication versions before 0.10_027 for Perl is susceptible to session fixation attacks

CVE-2026-41839

Spring Framework Escalation via Session Fixation in WebFlux

CVE-2026-11335

tittuvarghese CollegeManagementSystem login-form.php session_start session fixiation

Jun 5, 2026

CVE-2026-33384

Session Fixation in QuickCMS

May 29, 2026

CVE-2026-48545

Gradio < 6.15.0 Cookie Injection via Shared Proxy Client

May 27, 2026

CVE-2026-43827

Apache Shiro: Session fixation: new session is not created after login by default

May 25, 2026

CVE-2026-45773

Turborepo: Login callback CSRF/session fixation

May 15, 2026

CVE-2026-41613

Visual Studio Code Elevation of Privilege Vulnerability

CVE-2026-30808

Session Fixation in Authentication leads to Session Hijacking

CVE-2025-46605

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8

Apr 17, 2026

CVE-2026-34454

LOW

OAuth2 Proxy: Session cookie not cleared when rendering sign-in page

Apr 14, 2026

CVE-2026-31940

Session Fixation in Chamilo LMS

Apr 10, 2026

CVE-2026-33946

MCP Ruby SDK: Insufficient Session Binding Allows SSE Stream Hijacking via Session ID Replay

CVE-2026-33757

OpenBao lacks user confirmation for OIDC direct callback mode

CVE-2026-25101

Session Fixation in Bludit

CVE-2025-55266

HCL Aftermarket DPC is affected by Session Fixation

Mar 26, 2026

CVE-2026-33492

AVideo has Session Fixation via GET PHPSESSID Parameter With Disabled Login Session Regeneration

Mar 23, 2026

CVE-2026-30224