Name of the Vulnerable Software and Affected Versions Uptime Kuma (affected versions not specified)

Description The issue allows access to the platform despite authentication being enabled, as previously logged-in sessions remain valid. The expected behavior is that all previously connected sessions should be invalidated after enabling authentication, requiring users to log in. However, the system retains sessions and never logs out users unless explicitly done by clicking logout or refreshing the page.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.