CVE-2026-27933 - Vulnerability Analysis

Overview

Manyfold < 0.133.0 contains a session hijack vulnerability caused by cookie leakage in proxy caches, letting remote attackers hijack user sessions, exploit requires proxy cache presence.

Severity & Score

Impact

Attackers can hijack user sessions, leading to unauthorized access to user accounts and data.

Mitigation

Upgrade to version 0.133.0 or later.

References

• https://github.com/manyfold3d/manyfold/releases/tag/v0.133.0
• https://github.com/manyfold3d/manyfold/security/advisories/GHSA-g949-hmvj-2r76

Related Resources

• Vulnerability Intelligence Dashboard
• Credential Scanner