Total: 382 CVE

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2026-24352 | 1 Pluxml | 1 Pluxml | 2026-02-27 | N/A | 9.8 CRITICAL | PluXml CMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID for a victim and later hijack the authenticated session. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only versions 5.8.21 and 5.9.0-rc7 were tested and confirmed as vulnerable, other versions were not test ... |
| CVE-2025-71057 | | | 2026-02-27 | N/A | 8.2 HIGH | Improper session management in D-Link Wireless N 300 ADSL2+ Modem Router DSL-124 ME_1.00 allows attackers to execute a session hijacking attack via spoofing the IP address of an authenticated user. |
| CVE-2022-2820 | 1 Namelessmc | 1 Nameless | 2026-02-25 | N/A | 7.0 HIGH | Session Fixation in GitHub repository namelessmc/nameless prior to v2.0.2. |
| CVE-2026-24894 | 1 Php | 1 Frankenphp | 2026-02-20 | N/A | 7.5 HIGH | FrankenPHP is a modern application server for PHP. Prior to 1.11.2, when running FrankenPHP in worker mode, the $_SESSION superglobal is not correctly reset between requests. This allows a subsequent request processed by the same worker to access the $_SESSION data of the previous request (potentially belonging to a different user) before session_start() is called. This vulnerability is fixed in 1.11.2. |
| CVE-2026-23796 | 1 Opensolution | 1 Quick.cart | 2026-02-19 | N/A | 9.8 CRITICAL | Quick.Cart allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID for a victim and later hijack the authenticated session. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.7 was tested and confirmed as vulnerable, other versions were not tested and might also b ... |
| CVE-2026-2177 | 1 Fast5 | 1 Prison Management System | 2026-02-10 | 7.5 HIGH | 7.3 HIGH | A vulnerability has been found in SourceCodester Prison Management System 1.0. The impacted element is an unknown function of the component Login. The manipulation leads to session fixation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. |
| CVE-2025-69602 | 1 Altumcode | 1 66biolinks | 2026-02-09 | N/A | 9.1 CRITICAL | A session fixation vulnerability exists in 66biolinks v62.0.0 by AltumCode, where the application does not regenerate the session identifier after successful authentication. As a result, the same session cookie value is reused for users logging in from the same browser, allowing an attacker who can set or predict a session ID to potentially hijack an authenticated session. |
| CVE-2025-68139 | 1 Linuxfoundation | 1 Everest | 2026-02-06 | N/A | 4.3 MEDIUM | EVerest is an EV charging software stack. In all versions up to and including 2025.12.1, the default value for `terminate_connection_on_failed_response` is `False`, which leaves the responsibility for session and connection termination to the EV. In this configuration, any errors encountered by the module are logged but do not trigger countermeasures such as session and connection reset or termination. This could be abused by a malicious user in order to exploit other weaknesses or vulnerabiliti ... |
| CVE-2026-23624 | 1 Glpi-project | 1 Glpi | 2026-02-06 | N/A | 4.3 MEDIUM | GLPI is a free asset and IT management software package. In versions starting from 0.71 to before 10.0.23 and before 11.0.5, when remote authentication is used, based on SSO variables, a user can steal a GLPI session previously opened by another user on the same machine. This issue has been patched in versions . |
| CVE-2025-36115 | 1 Ibm | 1 Sterling Connect:Express | 2026-02-03 | N/A | 6.3 MEDIUM | IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0.00 through 5.2.0.12 does not disallow the session id after use which could allow an authenticated user to impersonate another user on the system. |
| CVE-2025-7014 | | | 2026-01-29 | N/A | 5.7 MEDIUM | Session Fixation vulnerability in QR Menu Pro Smart Menu Systems Menu Panel allows Session Hijacking. This issue affects Menu Panel: through 29012026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |
| CVE-2025-7015 | | | 2026-01-29 | N/A | 5.7 MEDIUM | Session Fixation vulnerability in Akın Software Computer Import Export Industry and Trade Ltd. QR Menu allows Session Fixation. This issue affects QR Menu: before s1.05.12. |
| CVE-2025-63216 | 1 Itel | 2 Idgateway, Idgateway Firmware | 2026-01-15 | N/A | 10.0 CRITICAL | The Itel DAB Gateway (IDGat build c041640a) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the passwords and networks are different. This allows full compromise of affected devices. |
| CVE-2025-63224 | 1 Itel | 2 Idenc, Idenc Firmware | 2026-01-15 | N/A | 10.0 CRITICAL | The Itel DAB Encoder (IDEnc build 25aec8d) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the passwords and networks are different. This allows full compromise of affected devices. |
| CVE-2026-22082 | | | 2026-01-13 | N/A | N/A | This vulnerability exists in Tenda wireless routers (300Mbps Wireless Router F3 and N300 Easy Setup Router) due to the use of login credentials as the session ID through its web-based administrative interface. A remote attacker could exploit this vulnerability by intercepting network traffic and capturing the session ID during insecure transmission. Successful exploitation of this vulnerability could allow the attacker to hijack an authenticated session and compromise sensitive configuration ... |
| CVE-2020-36913 | | | 2026-01-08 | N/A | 5.3 MEDIUM | All-Dynamics Software enlogic:show 2.0.2 contains a session fixation vulnerability that allows attackers to set a predefined PHP session identifier during the login process. Attackers can forge HTTP GET requests to welcome.php with a manipulated session token to bypass authentication and potentially execute cross-site request forgery attacks. |
| CVE-2024-24552 | 1 Bludit | 1 Bludit | 2026-01-02 | N/A | 8.8 HIGH | A session fixation vulnerability in Bludit allows an attacker to bypass the server's authentication if they can trick an administrator or any other user into authorizing a session ID of their choosing. |
| CVE-2023-53775 | 1 Dbbroadcast | 2 Sft Dab 600/c, Sft Dab 600/c Firmware | 2026-01-02 | N/A | 6.5 MEDIUM | Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to change user passwords by exploiting weak session management controls. Attackers can reuse IP-bound session identifiers to issue unauthorized requests to the userManager API and modify user credentials without proper authentication. |
| CVE-2023-53776 | 1 Dbbroadcast | 2 Sft Dab 600/c, Sft Dab 600/c Firmware | 2026-01-02 | N/A | 8.8 HIGH | Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to exploit weak session management by reusing IP-bound session identifiers. Attackers can issue unauthorized requests to the device management API by leveraging the session binding mechanism to perform critical operations on the transmitter. |
| CVE-2022-40916 | 1 Prasathmani | 1 Tiny File Manager | 2025-12-31 | N/A | 9.8 CRITICAL | Tiny File Manager v2.4.7 and below is vulnerable to session fixation. |
| CVE-2025-56400 | 1 Tuya | 3 Smartlife, Tuya, Tuya Smart | 2025-12-30 | N/A | 8.8 HIGH | Cross-Site Request Forgery (CSRF) vulnerability in the OAuth implementation of the Tuya SDK 6.5.0 for Android and iOS, affects the Tuya Smart and Smartlife mobile applications, as well as other third-party applications that integrate the SDK, allows an attacker to link their own Amazon Alexa account to a victim's Tuya account. The applications fail to validate the OAuth state parameter during the account linking flow, enabling a cross-site request forgery (CSRF)-like attack. By tricking the vict ... |
| CVE-2025-65681 | 1 Edly | 1 Tutor | 2025-12-30 | N/A | 3.3 LOW | An issue was discovered in Overhang.IO (tutor-open-edx) (overhangio/tutor) 20.0.2 allowing local unauthorized attackers to gain access to sensitive information due to the absence of proper cache-control HTTP headers and client-side session checks. |
| CVE-2025-12390 | | | 2025-12-19 | N/A | 6.0 MEDIUM | A flaw was found in Keycloak, where a user can accidentally get access to another user's session if both use the same device and browser. This happens because Keycloak sometimes reuses session identifiers and doesn't clean up properly during logout when browser cookies are missing. As a result, one user may receive tokens that belong to another user. |
| CVE-2023-53741 | 1 Dbbroadcast | 10 Sft Dab 015/c, Sft Dab 015/c Firmware, Sft Dab 050/c and 7 more | 2025-12-18 | N/A | 8.1 HIGH | Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP address-bound session identifiers. Attackers can exploit the vulnerable API by intercepting and reusing established sessions to remove user accounts without proper authorization. |
| CVE-2025-43516 | 1 Apple | 1 Macos | 2025-12-17 | N/A | 3.3 LOW | A session management issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3. A user with Voice Control enabled may be able to transcribe another user's activity. |
| CVE-2022-40226 | 1 Siemens | 72 7kg8500-0aa00-0aa0, 7kg8500-0aa00-0aa0 Firmware, 7kg8500-0aa00-2aa0 and 69 more | 2025-12-09 | N/A | 7.5 HIGH | A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA30-0AA0) (All versions < V3.10), SICAM P850 (7KG8500-0AA30-2AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA01-0AA0) (All versions < V3.10), SICAM P850 (7KG8501-0AA01-2AA0) (All versions < V3.10), SICAM P850 (7 ... |
| CVE-2025-37159 | 1 Hpe | 1 Arubaos-cx | 2025-12-04 | N/A | 5.8 MEDIUM | A vulnerability in the web management interface of the AOS-CX OS user authentication service could allow an authenticated remote attacker to hijack an active user session. Successful exploitation may enable the attacker to maintain unauthorized access to the session, potentially leading to the view or modification of sensitive configuration data. |
| CVE-2025-63529 | 1 Shridharshukl | 1 Blood Bank Management System | 2025-12-02 | N/A | 6.1 MEDIUM | A session fixation vulnerability exists in Blood Bank Management System 1.0 in login.php that allows an attacker to set or predict a user's session identifier prior to authentication. When the victim logs in, the application continues to use the attacker-supplied session ID rather than generating a new one, enabling the attacker to hijack the authenticated session and gain unauthorized access to the victim's account. |
| CVE-2024-23679 | 1 Enonic | 1 Xp | 2025-11-29 | N/A | 9.8 CRITICAL | Enonic XP versions less than 7.7.4 are vulnerable to a session fixation issue. A remote and unauthenticated attacker can use prior sessions due to the lack of invalidating session attributes. |
| CVE-2025-55668 | 1 Apache | 1 Tomcat | 2025-11-04 | N/A | 6.5 MEDIUM | Session Fixation vulnerability in Apache Tomcat via rewrite valve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. Older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue. |
| CVE-2024-28144 | | | 2025-11-03 | N/A | 5.5 MEDIUM | An attacker who can spoof the IP address and the User-Agent of a logged-in user can take over the session because of flaws in the self-developed session management. If two users access the web interface from the same IP they are logged in as the other user. |
| CVE-2025-64100 | | | 2025-10-30 | N/A | 6.1 MEDIUM | CKAN is an open-source DMS (data management system) for powering data hubs and data portals. Prior to 2.10.9 and 2.11.4, session ids could be fixed by an attacker if the site is configured with server-side session storage (CKAN uses cookie-based session storage by default). The attacker would need to either set a cookie on the victim's browser or steal the victim's currently valid session. Session identifiers are now regenerated after each login. This vulnerability has been fixed in CKAN 2.10.9 ... |
| CVE-2024-49709 | 1 Softcom.wroc | 1 Iksoris | 2025-10-28 | N/A | 4.4 MEDIUM | Internet Starter, one of SoftCOM iKSORIS system modules, allows for setting an arbitrary session cookie value. An attacker with access to a user's browser might set such a cookie, wait until the user logs in and then use the same cookie to take over the account. Moreover, the system does not destroy the old sessions when creating new ones, which expands the time frame in which an attack might be performed. This vulnerability has been patched in version 79.0. |
| CVE-2025-56746 | 1 Creativeitem | 1 Academy Lms | 2025-10-23 | N/A | 2.2 LOW | Creativeitem Academy LMS up to and including 5.13 does not regenerate session IDs upon successful authentication, enabling session fixation attacks where attackers can hijack user sessions by predetermining session identifiers. |
| CVE-2025-51471 | 1 Ollama | 1 Ollama | 2025-10-17 | N/A | 6.9 MEDIUM | Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.6.7 allows remote attackers to steal authentication tokens and bypass access controls via a malicious realm value in a WWW-Authenticate header returned by the /api/pull endpoint. |
| CVE-2025-10228 | | | 2025-10-14 | N/A | 8.8 HIGH | Session Fixation vulnerability in Rolantis Information Technologies Agentis allows Session Hijacking. This issue affects Agentis: before 4.44. |
| CVE-2024-37829 | 1 Getoutline | 1 Outline | 2025-10-10 | N/A | 8.8 HIGH | An issue in Outline <= v0.76.1 allows attackers to execute a session hijacking attack via user interaction with a crafted magic sign-in link. |
| CVE-2024-42207 | 1 Hcltech | 1 Dryice Iautomate | 2025-10-10 | N/A | 5.5 MEDIUM | HCL iAutomate is affected by a session fixation vulnerability. An attacker could hijack a victim's session ID from their authenticated session. |
| CVE-2025-0251 | 1 Hcltech | 1 Intelliops Event Management | 2025-10-09 | N/A | 2.6 LOW | HCL IEM is affected by a concurrent login vulnerability. The application allows multiple concurrent sessions using the same user credentials, which may introduce security risks. |
| CVE-2025-0253 | 1 Hcltech | 1 Intelliops Event Management | 2025-10-09 | N/A | 2.0 LOW | HCL IEM is affected by a cookie attribute not set vulnerability due to inconsistency of certain security-related configurations which could increase exposure to potential vulnerabilities. |