VYPR

OpenAM Community Edition

by OpenAM

CVEs (1)

  • CVE-2026-45048higJun 23, 2026
    OpenAM
    OpenAM Community Edition
    risk 0.45cvss epss

    ## Summary Description An insufficient authorization (CWE-285) and information exposure (CWE-200) issue in OpenAM's session management endpoint allows a low-privileged authenticated user to retrieve active session credentials belonging to other users, including those with…