CWE-613 flaws

394 results
CVE-2026-53928 | MEDIUM | NocoDB: Refresh Tokens Persist Through Password Recovery | EPSS 0.2%
CVE-2026-40587 | MEDIUM | blueprintUE: Active Sessions Are Not Invalidated After Password Change or Reset | EPSS 0.2%
CVE-2023-45659 | LOW | Session is not expiring after password reset in Engelsystem | EPSS 0.2%
CVE-2026-35462 | MEDIUM | Papra Does Not Reject Expired API Keys | EPSS 0.2%
CVE-2025-1198 | MEDIUM | Insufficient Session Expiration in GitLab | EPSS 0.2%
CVE-2025-66289 | HIGH | OrangeHRM is Vulnerable to Persistent Session Access Due to Missing Invalidation After User Disable and Password Change | EPSS 0.2%
CVE-2026-29092 | MEDIUM | Kiteworks Email Protection Gateway has an Insufficient Session Expiration | EPSS 0.2%
CVE-2025-10223 | MEDIUM | Improper Session Cleanup on Role Removal in Web Admin Panel in AxxonSoft Axxon One (C-Werk) | EPSS 0.2%
CVE-2024-7998 | LOW | In affected versions of Octopus Server OIDC cookies were using the wrong expiration time which could result in them using the maximum lifesp | EPSS 0.2%
CVE-2026-41519 | MEDIUM | Weblate's API Token Not Invalidated on Password Change | EPSS 0.2%
CVE-2024-38315 | MEDIUM | IBM Aspera Shares session fixation | EPSS 0.2%
CVE-2024-56413 | MEDIUM | Missing session invalidation after user deletion. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169 | EPSS 0.2%
CVE-2025-30516 | LOW | Unauthorized Notification Exposure in Mobile App Under Specific Conditions | EPSS 0.2%
CVE-2024-43181 | MEDIUM | Multiple Vulnerabilities in IBM Concert Software | EPSS 0.2%
CVE-2022-30277 | MEDIUM | BD Synapsys™ – Insufficient Session Expiration | EPSS 0.2%
CVE-2023-22591 | LOW | IBM Robotic Process Automation session fixation | EPSS 0.2%
CVE-2025-25019 | MEDIUM | IBM QRadar Suite Software and IBM Cloud Pak for Security session fixation | EPSS 0.2%
CVE-2025-68954 | HIGH | Pterodactyl does not revoke SFTP access when server is deleted or permissions reduced | EPSS 0.2%
CVE-2026-43911 | MEDIUM | Vaultwarden: Refresh tokens not invalidated on security stamp rotation | EPSS 0.2%
CVE-2026-8670 | CRITICAL | Insecure session handling on metrics web server | EPSS 0.2%