CVE-2026-6729 in OpenHarnessИнформация

Сводка

по MITRE • 21.04.2026

HKUDS OpenHarness prior to PR #159 remediation contains a session key derivation vulnerability that allows authenticated participants in shared chats or threads to hijack other users' sessions by exploiting a shared ohmo session key that lacks sender identity verification. Attackers can reuse another user's conversation state and replace or interrupt their active tasks by colliding into the same session boundary through the shared chat or thread scope.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

VulnCheck

Резервировать

20.04.2026

Раскрытие

21.04.2026

Модерация

принято

Вход

VDB-358379

CPE

готов

CWE

CWE-287 (Подтверждённый)

CVSS

6.3 (CNA)

EPSS

0.00043

KEV

Нет

Деятельности

Очень низкий

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-6729
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-6729
CVE Details	https://www.cvedetails.com/cve/CVE-2026-6729/

◂ Предыдущий Обзор Далее ▸

Want to know what is going to be exploited?

We predict KEV entries!