PT-2026-22041 · Manyfold · Manyfold

Grecco-O

·

Publicado

2026-02-25

·

Atualizado

2026-02-26

·

CVE-2026-27933

CVSS v3.1

6.8

Média

VetorAV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions Manyfold versions prior to 0.133.0
Description Manyfold is a self-hosted web application designed for managing 3d models, with a focus on 3d printing. Versions of the software before 0.133.0 are susceptible to session hijacking due to cookie leakage in proxy caches.
Recommendations Update to version 0.133.0 or later.

Exploit

Correção

Insufficient Session Expiration

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-613

Identificadores relacionados

CVE-2026-27933
GHSA-G949-HMVJ-2R76

Produtos afetados

Manyfold