Unrated severityNVD Advisory· Published Mar 25, 2026· Updated Mar 25, 2026
Kiteworks Email Protection Gateway has an Insufficient Session Expiration
CVE-2026-29092
Description
Kiteworks is a private data network (PDN). Prior to version 9.2.1, a vulnerability in Kiteworks Email Protection Gateway session management allows blocked users to maintain active sessions after their account is disabled. This could allow unauthorized access to continue until the session naturally expires. Upgrade Kiteworks to version 9.2.1 or later to receive a patch.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: < 9.2.1
Patches
Vulnerability mechanics
References
1- github.com/kiteworks/security-advisories/security/advisories/GHSA-92w7-fpjr-wpxcmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.