CVE-2026-35192— Session fixation via public cached pages and SESSION_SAVE_EVERY_REQUEST
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-35192
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Session fixation via public cached pages and SESSION_SAVE_EVERY_REQUEST
Source: NVD (National Vulnerability Database)
Vulnerability Description
An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. Response headers do not vary on cookies if a session is not modified, but `SESSION_SAVE_EVERY_REQUEST` is `True`. A remote attacker can steal a user's session after that user visits a cached public page. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. Django would like to thank Cantina for reporting this issue.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
通过持久性Cookie导致的信息暴露
Source: NVD (National Vulnerability Database)
Vulnerability Title
Django 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Django是Django基金会的一套基于Python语言的开源Web应用框架。该框架包括面向对象的映射器、视图系统、模板系统等。 Django 6.0.5之前版本和5.2.14之前版本存在安全漏洞,该漏洞源于SESSION_SAVE_EVERY_REQUEST为True时响应标头未随cookie变化,可能导致远程攻击者窃取用户会话。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| djangoproject | Django | 6.0 ~ 6.0.5 | - |
II. Public POCs for CVE-2026-35192
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-35192
请登录查看更多情报信息。
- Archive of security issues | Django documentation | Djangovendor-advisory
- django-announce - Google Groupsmailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2026-35192
Same Patch Batch · djangoproject · 2026-05-05 · 3 CVEs total
| CVE-2026-5766 | 5.3 MEDIUM | Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass |
| CVE-2026-6907 | 4.3 MEDIUM | Potential exposure of private data due to incorrect handling of Vary: * in UpdateCacheMidd |
IV. Related Vulnerabilities
Same product: Django
- CVE-2026-6907
Potential exposure of private data due to incorrect handling - CVE-2026-5766
Potential denial-of-service vulnerability in ASGI requests v - CVE-2026-33034
Potential denial-of-service vulnerability in ASGI requests v - CVE-2026-33033
Potential denial-of-service vulnerability in MultiPartParser - CVE-2026-4292
Privilege abuse in ModelAdmin.list_editable
Same vendor: djangoproject
- CVE-2026-6907
Potential exposure of private data due to incorrect handling - CVE-2026-5766
Potential denial-of-service vulnerability in ASGI requests v - CVE-2026-33034
Potential denial-of-service vulnerability in ASGI requests v - CVE-2026-33033
Potential denial-of-service vulnerability in MultiPartParser - CVE-2026-4292
Privilege abuse in ModelAdmin.list_editable
Same weakness: CWE-539
- CVE-2026-24318
Insecure Session Management vulnerability in SAP BusinessObj - CVE-2025-52633
HCL AION is susceptible to Missing Content-Security-Policy - CVE-2024-39275
Advantech ADAM-5630 Use of Persistent Cookies Containing Sen - CVE-2023-30861
Flask vulnerable to possible disclosure of permanent session - CVE-2021-27463
Emerson Rosemount X-STREAM Gas Analyzer 安全漏洞
V. Comments for CVE-2026-35192
No comments yet