CVE-2026-6729 in OpenHarnessinformación

Resumen

por MITRE • 2026-04-21

HKUDS OpenHarness prior to PR #159 remediation contains a session key derivation vulnerability that allows authenticated participants in shared chats or threads to hijack other users' sessions by exploiting a shared ohmo session key that lacks sender identity verification. Attackers can reuse another user's conversation state and replace or interrupt their active tasks by colliding into the same session boundary through the shared chat or thread scope.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

VulnCheck

Reservar

2026-04-20

Divulgación

2026-04-21

Moderación

aceptado

Artículo

VDB-358379

CPE

listo

CWE

CWE-287 (confirmado)

CVSS

6.3 (CNA)

EPSS

0.00043

KEV

Actividades

muy bajo

Fuentes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-6729
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-6729
CVE Details	https://www.cvedetails.com/cve/CVE-2026-6729/

◂ Anterior Visión De Conjunto Próximo ▸

Do you need the next level of professionalism?

Upgrade your account now!