Falhas do tipo CWE-613
394 resultadosCVE-2025-64708MEDIUMauthentik invitation expiry is delayed by at least 5 minutesEPSS 0.2%CVE-2026-45757LOWRocket.Chat: users.deactivateIdle` deactivates accounts without revoking existing login tokensEPSS 0.2%CVE-2026-41916LOWOpenClaw < 2026.4.8 - Stale Authentication State via Config ReloadEPSS 0.2%CVE-2026-49277LOWRocket.Chat: OAuth access and refresh tokens remain valid after account deactivationEPSS 0.2%CVE-2025-11429MEDIUMKeycloak-server: too long and not settings compliant sessionEPSS 0.2%CVE-2023-26288MEDIUMIBM Aspera Orchestrator session fixationEPSS 0.2%CVE-2026-5376MEDIUMrunZero Platform session timeout failureEPSS 0.2%CVE-2025-33005MEDIUMIBM Planning Analytics Local session fixationEPSS 0.2%CVE-2026-1163MEDIUMInsufficient Session Expiration in parisneo/lollmsEPSS 0.2%CVE-2023-32318HIGHUser session not correctly destroyed on logoutEPSS 0.2%CVE-2026-53830MEDIUMOpenClaw < 2026.4.22 - Webhook Secret Revocation Bypass via secrets.reloadEPSS 0.2%CVE-2026-1842MEDIUMHyperCloud Improper Refresh Token Validation and Access Token Invalidation Allows Long-Term Unauthorized AccessEPSS 0.2%CVE-2025-62340LOWHCL iControl was affected by Inadequate Session Timeout vulnerabilityEPSS 0.2%CVE-2023-49881MEDIUMIBM Transformation Extender Advanced session fixationEPSS 0.2%CVE-2024-22351MEDIUMIBM InfoSphere Information Server session fixationEPSS 0.2%CVE-2026-9162MEDIUMGlobal session revocation does not invalidate active WebSocket connectionsEPSS 0.2%CVE-2026-52809MEDIUMGogs: Password-reset tokens use account-activation lifetime, ignoring RESET_PASSWORD_CODE_LIVESEPSS 0.2%CVE-2025-36040MEDIUMIBM Aspera Faspex session fixationEPSS 0.2%CVE-2026-1272LOWIBM Guardium Data Protection is affected by multiple vulnerabilitiesEPSS 0.2%CVE-2026-46554LOWNocoDB: Stale Auth Cache After API Token DeletionEPSS 0.2%