Vulnerability Platform

Vulnerability List

CVE ID	Title	Vendor	Product	Severity	CVSS Score	Published At	AI Analysis
CVE-2026-5085	Solstice::Session versions through 1440 for Perl generates session ids insecurely	MCRAWFOR	Solstice::Session	超危	-	2026-04-13 06:56:15	Deep Dive
CVE-2026-39324	Rack::Session::Cookie secrets: decrypt failure fallback enables secretless session forgery and Marshal deserialization	rack	rack-session	-	-	2026-04-07 18:13:29	Deep Dive
CVE-2026-5087	PAGI::Middleware::Session::Store::Cookie versions through 0.001003 for Perl generates random bytes insecurely	JJNAPIORK	PAGI::Middleware::Session::Store::Cookie	-	-	2026-03-31 16:03:08	Deep Dive
CVE-2026-3256	HTTP::Session versions through 0.53 for Perl defaults to using insecurely generated session ids	KTAT	HTTP::Session	中危	-	2026-03-28 18:52:40	Deep Dive
CVE-2014-125112	Plack::Middleware::Session::Cookie versions through 0.21 for Perl allows remote code execution	MIYAGAWA	Plack::Middleware::Session::Cookie	-	-	2026-03-26 02:04:10	Deep Dive
CVE-2025-40931	Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id	CHORNY	Apache::Session::Generate::MD5	超危	-	2026-03-05 01:41:10	Deep Dive
CVE-2025-40926	Plack::Middleware::Session::Simple versions before 0.05 for Perl generates session ids insecurely	KAZEBURO	Plack::Middleware::Session::Simple	超危	-	2026-03-05 01:24:34	Deep Dive
CVE-2025-21589	Session Smart Router, Session Smart Conductor, WAN Assurance Router: API Authentication Bypass vulnerability	Juniper Networks	Session Smart Router	Critical	9.8	2026-01-27 20:32:13	Deep Dive
CVE-2013-10031	Plack::Middleware::Session versions before 0.17 for Perl may be vulnerable to HMAC comparison timing attacks	MIYAGAWA	Plack::Middleware::Session	-	-	2025-12-09 00:12:36	Deep Dive
CVE-2025-66573	Solstice Pod API Session Key Extraction via API Endpoint	mersive	Solstice Pod API Session Key Extraction via API Endpoint	-	-	2025-12-04 20:45:14	Deep Dive
CVE-2025-20351	Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Cross-Site Scripting Vulnerability	Cisco	Cisco Session Initiation Protocol (SIP) Software	Medium	6.1	2025-10-15 16:15:19	Deep Dive
CVE-2025-20350	Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Denial of Service Vulnerability	Cisco	Cisco Session Initiation Protocol (SIP) Software	High	7.5	2025-10-15 16:15:10	Deep Dive
CVE-2025-20335	Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Information Arbitrary File Write Vulnerability	Cisco	Cisco Session Initiation Protocol (SIP) Software	Medium	5.3	2025-09-03 17:41:06	Deep Dive
CVE-2025-20336	Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Information Disclosure Vulnerability	Cisco	Cisco Session Initiation Protocol (SIP) Software	Medium	5.3	2025-09-03 17:41:01	Deep Dive
CVE-2025-49048	WordPress Inspectlet – User Session Recording and Heatmaps plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability	inspectlet	Inspectlet – User Session Recording and Heatmaps	Medium	5.9	2025-08-14 10:34:19	Deep Dive
CVE-2025-40924	Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely	HAARG	Catalyst::Plugin::Session	-	-	2025-07-17 13:33:44	Deep Dive
CVE-2025-40923	Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely	MIYAGAWA	Plack::Middleware::Session	-	-	2025-07-16 13:05:04	Deep Dive
CVE-2025-46336	Rack session gets restored after deletion	rack	rack-session	Medium	4.2	2025-05-08 19:26:02	Deep Dive
CVE-2025-32612	WordPress User Session Synchronizer plugin <= 1.4.0 - CSRF to Stored XSS vulnerability	rafasashi	User Session Synchronizer	High	7.1	2025-04-09 16:09:29	Deep Dive
CVE-2025-20158	Cisco Video Phone 8875 and Desk Phone 9800 Series Information Disclosure Vulnerability	Cisco	Cisco Session Initiation Protocol (SIP) Software	Medium	4.4	2025-02-19 16:06:01	Deep Dive

Goal Reached Thanks to every supporter — we hit 100%!

Vulnerability List