Medium severity5.3NVD Advisory· Published May 5, 2026· Updated May 7, 2026
CVE-2026-43002
CVE-2026-43002
Description
An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
horizonPyPI | >= 25.6, < 25.7.3 | 25.7.3 |
Affected products
1Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.