CVE-2026-6729 in OpenHarnessالمعلومات

الملخص

بحسب MITRE • 21/04/2026

HKUDS OpenHarness prior to PR #159 remediation contains a session key derivation vulnerability that allows authenticated participants in shared chats or threads to hijack other users' sessions by exploiting a shared ohmo session key that lacks sender identity verification. Attackers can reuse another user's conversation state and replace or interrupt their active tasks by colliding into the same session boundary through the shared chat or thread scope.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

VulnCheck

حجز

20/04/2026

إفشاء

21/04/2026

الاعتدال

تمت الموافقة

إدخال

VDB-358379

CPE

جاهز

CWE

CWE-287 (مؤكد)

CVSS

6.3 (CNA)

EPSS

0.00043

KEV

لا

النشاطات

منخفض جدًا

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-6729
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-6729
CVE Details	https://www.cvedetails.com/cve/CVE-2026-6729/

التالي ▸نظرة عامة ◂ السابق

Do you want to use VulDB in your project?

Use the official API to access entries easily!