CWE-613 flaws

394 results
CVE-2026-6848 | MEDIUM | Quay: red hat quay: authentication bypass allows privileged actions without valid credentials | EPSS 0.3%
CVE-2026-27933 | MEDIUM | Manyfold vulnerable to session hijack via cookie leakage in proxy caches | EPSS 0.3%
CVE-2025-58352 | LOW | Weblate has long session expiry times during second factor verification | EPSS 0.3%
CVE-2026-12772 | MEDIUM | BerriAI litellm PROXY_ADMIN database API Key Generator login_utils.py authenticate_user session expiration | EPSS 0.3%
CVE-2025-1968 | HIGH | Insufficient Session Expiration vulnerability in Progress Software Corporation Sitefinity under some specific and uncommon circumstances all | EPSS 0.3%
CVE-2025-35433 | LOW | CISA Thorium does not properly invalidate previously used tokens | EPSS 0.3%
CVE-2025-71335 | HIGH | Flowise - Session Invalidation Failure After Password Change | EPSS 0.3%
CVE-2025-59786 | MEDIUM | Cookies are not Invalidated upon Logout and Password Change | EPSS 0.3%
CVE-2024-45651 | MEDIUM | IBM Sterling Connect:Direct Web Services session fixation | EPSS 0.3%
CVE-2026-20748 | MEDIUM | Everon api.everon.io Insufficient Session Expiration | EPSS 0.3%
CVE-2026-32663 | MEDIUM | IGL-Technologies eParking.fi Insufficient Session Expiration | EPSS 0.3%
CVE-2025-66223 | HIGH | OpenObserve's Invite Token Lifecycle Misconfiguration | EPSS 0.3%
CVE-2026-54321 | HIGH | Daytona: Public sandbox previews remain accessible for up to one hour after being made private | EPSS 0.2%
CVE-2024-57056 | MEDIUM | Incorrect cookie session handling in WombatDialer before 25.02 results in the full session identity being written to system logs and could b | EPSS 0.2%
CVE-2026-34362 | MEDIUM | AVideo's WebSocket Token Never Expires Due to Commented-Out Timeout Validation in verifyTokenSocket() | EPSS 0.2%
CVE-2026-43983 | HIGH | Pocket ID: OIDC refresh token flow bypasses authorization revocation, account disabling, and group restrictions | EPSS 0.2%
CVE-2026-41902 | CRITICAL | FreeScout's user invitation hash never expires: permanent unauthenticated account takeover if invite link leaks | EPSS 0.2%
CVE-2026-54479 | MEDIUM | EVoke Systems EVoke CSMS Insufficient Session Expiration | EPSS 0.2%
CVE-2024-48926 | MEDIUM | Umbraco CMS logout page displayed before session expiration | EPSS 0.2%
CVE-2025-14810 | MEDIUM | IBM InfoSphere Information Server is vulnerable due to insufficient session expiration | EPSS 0.2%