CVE-2025-26499

Name of the Vulnerable Software and Affected Versions: (affected versions not specified)

Description: A race condition can occur during authentication or token refresh operations under heavy system utilization. This allows a user to be granted a token intended for another user, potentially leading to impersonation until the session ends. The flaw cannot be intentionally exploited due to the need for concurrent action by two users, but if it occurs, a user could be inadvertently exposed to another user’s system rights and data access.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.