Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

TwiN

Source -

CNA

BOS Name -

N/A

CNA CVEs -

1

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated ProductsRelated AssignersReports
1Vulnerabilities found
CVE-2026-11956
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-Not Assigned
Published-11 Jun, 2026 | 11:30
Updated-11 Jun, 2026 | 14:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TwiN gatus OIDC Session Cookie oidc.go setSessionCookie missing secure attribute

A vulnerability was determined in TwiN gatus 5.36.0. Impacted is the function setSessionCookie of the file security/oidc.go of the component OIDC Session Cookie Handler. Executing a manipulation can lead to sensitive cookie without secure attribute. The attack can be launched remotely. This attack is characterized by high complexity. The exploitability is considered difficult. The reported GitHub issue was closed with the label "not planned".

Action-Not Available
Vendor-TwiN
Product-gatus
CWE ID-CWE-1004
Sensitive Cookie Without 'HttpOnly' Flag
CWE ID-CWE-614
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute