CVE-2026-25101

Name of the Vulnerable Software and Affected Versions Bludit versions prior to 3.17.2

Description Bludit allows a user's session identifier to be set before authentication. The session ID remains consistent even after authentication, potentially allowing an attacker to fixate a session ID for a victim and subsequently hijack the authenticated session.

Recommendations Update to version 3.17.2 or later.