Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-613 (不充分的会话过期机制) — Vulnerability Class 296

296 vulnerabilities classified as CWE-613 (不充分的会话过期机制). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-20748 Everon api.everon.io Insufficient Session Expiration — api.everon.io 7.3 High2026-03-06
CVE-2026-27764 Mobiliti e-mobi.hu Insufficient Session Expiration — e-mobi.hu 7.3 High2026-03-06
CVE-2026-24912 ePower epower.ie Insufficient Session Expiration — epower.ie 7.3 High2026-03-05
CVE-2026-21622 Password Reset Tokens Do Not Expire — hexpm 8.1 -2026-03-05
CVE-2025-59786 Cookies are not Invalidated upon Logout and Password Change — 2N Access Commander 6.5AIMediumAI2026-03-04
CVE-2026-28396 NocoDB: Refresh Tokens Not Revoked on Password Reset — nocodb 7.1AIHighAI2026-03-02
CVE-2026-3401 SourceCodester Web-based Pharmacy Product Management System session expiration — Web-based Pharmacy Product Management System 3.1 Low2026-03-02
CVE-2026-27647 Mobility46 mobility46.se Insufficient Session Expiration — mobility46.se 7.3 High2026-02-27
CVE-2026-26290 EV Energy ev.energy Insufficient Session Expiration — ev.energy 7.3 High2026-02-27
CVE-2026-25778 SWITCH EV swtchenergy.com Insufficient Session Expiration — swtchenergy.com 7.3 High2026-02-27
CVE-2026-20895 EV2GO ev2go.io Insufficient Session Expiration — ev2go.io 7.3 High2026-02-26
CVE-2026-27652 CloudCharge cloudcharge.se Insufficient Session Expiration — cloudcharge.se 7.3 High2026-02-26
CVE-2026-25711 Chargemap chargemap.com Insufficient Session Expiration — chargemap.com 7.3 High2026-02-26
CVE-2026-28275 Initiative Vulnerable to Improper Session Invalidation (JWT Remains Valid) — initiative 8.1 High2026-02-26
CVE-2026-27933 Manyfold vulnerable to session hijack via cookie leakage in proxy caches — manyfold 6.8 Medium2026-02-25
CVE-2026-25476 OpenEMR has Session Timeout Bypass via skip_timeout_reset — openemr 7.5 High2026-02-25
CVE-2026-26342 Tattile Smart+ / Vega / Basic <= 1.181.5 Insufficient Session Token Expiration — Smart+ 9.8AICriticalAI2026-02-24
CVE-2026-1842 HyperCloud Improper Refresh Token Validation and Access Token Invalidation Allows Long-Term Unauthorized Access — HyperCloud 8.8AIHighAI2026-02-20
CVE-2026-1435 Incorrect management of session invalidation vulnerability in Graylog Web Interface — Graylog Web Interface 9.1 -2026-02-18
CVE-2025-36376 IBM Security QRadar EDR Software has multiple vulnerabilities — Security QRadar EDR 6.3 Medium2026-02-17
CVE-2025-36377 IBM Security QRadar EDR Software has multiple vulnerabilities — Security QRadar EDR 6.3 Medium2026-02-17
CVE-2025-27898 Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows — DB2 Recovery Expert for LUW 6.3 Medium2026-02-17
CVE-2024-43181 Multiple Vulnerabilities in IBM Concert Software — Concert 6.3 Medium2026-02-04
CVE-2026-24669 Open eClass Insecure Password Reset Token Reuse Enables Account Takeover — openeclass 7.8 High2026-02-03
CVE-2026-24667 Open eClass's Active Sessions Not Invalidated After Password Change Allow Persistent Account Access — openeclass 5.0 Medium2026-02-03
CVE-2025-55705 EVMAPA Insufficient Session Expiration — EVMAPA 7.3 High2026-01-22
CVE-2025-36065 Multiple vulnerabilities were addressed in IBM Sterling Connect:Express for UNIX. — Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 6.3 Medium2026-01-20
CVE-2025-36063 Multiple vulnerabilities were addressed in IBM Sterling Connect:Express for UNIX. — Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 6.3 Medium2026-01-20
CVE-2025-52661 HCL AION 安全漏洞 — AION 2.4 Low2026-01-19
CVE-2025-4677 Idle session timeout is not configured for multiple open ports — WebPro SNMP Card PowerValue 6.5 Medium2026-01-07

Vulnerabilities classified as CWE-613 (不充分的会话过期机制) represent 296 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.