Search Vulnerabilities

SenseLive X3050 Insufficient session expiration

CVE-2026-41356

OpenClaw < 2026.3.31 - Incomplete WebSocket Session Termination in device.token.rotate

CVE-2026-1272

IBM Guardium Data Protection is affected by multiple vulnerabilities

CVE-2026-6515

Insufficient Session Expiration in GitLab

CVE-2026-6848

Quay: red hat quay: authentication bypass allows privileged actions without valid credentials

CVE-2026-41133

pyLoad has Stale Session Privilege After Role/Permission Change (Privilege Revocation Bypass)

CVE-2026-40939

DSF: Missing Session Timeout for OIDC Sessions

CVE-2026-40587

blueprintUE: Active Sessions Are Not Invalidated After Password Change or Reset

CVE-2026-0971

GoAnywhere MFT SAML Sessions do not redirect to logout URL on session timeout

CVE-2025-12624

Improper Token Invalidation in WSO2 Identity Server Allows Access After Account Lock

Apr 16, 2026

CVE-2026-34454

OAuth2 Proxy: Session cookie not cleared when rendering sign-in page

Apr 14, 2026

CVE-2026-35594

Vikunja Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade

Apr 10, 2026

CVE-2025-57735

CRITICAL

Apache Airflow: Airflow Logout Not Invalidating JWT

Apr 9, 2026

CVE-2026-1163

Insufficient Session Expiration in parisneo/lollms

Apr 8, 2026

CVE-2026-35462

Papra Does Not Reject Expired API Keys

CVE-2026-5376

runZero Platform session timeout failure

CVE-2026-34828

listmonk: Active sessions remain valid after password reset and password change

Apr 2, 2026

CVE-2025-66483

Multiple vulnerabilities have been addressed in IBM Aspera Shares

CVE-2026-34572

CI4MS: Account Deactivation Module Full Persistent Unauthorized Access for All‑Roles via Improper Session Invalidation (Logic Flaw)

CVE-2026-34570

CI4MS: Account Deletion Module Full Persistent Unauthorized Access for All‑Roles via Improper Session Invalidation (Logic Flaw)

Showing 1 - 20 of 1,000+ results

...

Searching...

Filters

1,000+ results

CVE-2026-25720

SenseLive X3050 Insufficient session expiration

CVE-2026-41356

OpenClaw < 2026.3.31 - Incomplete WebSocket Session Termination in device.token.rotate

CVE-2026-1272

IBM Guardium Data Protection is affected by multiple vulnerabilities

CVE-2026-6515

Insufficient Session Expiration in GitLab

CVE-2026-6848

Quay: red hat quay: authentication bypass allows privileged actions without valid credentials

CVE-2026-41133

pyLoad has Stale Session Privilege After Role/Permission Change (Privilege Revocation Bypass)

CVE-2026-40939

DSF: Missing Session Timeout for OIDC Sessions

CVE-2026-40587

blueprintUE: Active Sessions Are Not Invalidated After Password Change or Reset

CVE-2026-0971

GoAnywhere MFT SAML Sessions do not redirect to logout URL on session timeout

CVE-2025-12624

Improper Token Invalidation in WSO2 Identity Server Allows Access After Account Lock

Apr 16, 2026

CVE-2026-34454

OAuth2 Proxy: Session cookie not cleared when rendering sign-in page

Apr 14, 2026

CVE-2026-35594

Vikunja Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade

Apr 10, 2026

CVE-2025-57735

CRITICAL

Apache Airflow: Airflow Logout Not Invalidating JWT

Apr 9, 2026

CVE-2026-1163

Insufficient Session Expiration in parisneo/lollms

Apr 8, 2026

CVE-2026-35462

Papra Does Not Reject Expired API Keys

CVE-2026-5376

runZero Platform session timeout failure

CVE-2026-34828

listmonk: Active sessions remain valid after password reset and password change

Apr 2, 2026

CVE-2025-66483

Multiple vulnerabilities have been addressed in IBM Aspera Shares

CVE-2026-34572

CI4MS: Account Deactivation Module Full Persistent Unauthorized Access for All‑Roles via Improper Session Invalidation (Logic Flaw)

CVE-2026-34570

CI4MS: Account Deletion Module Full Persistent Unauthorized Access for All‑Roles via Improper Session Invalidation (Logic Flaw)