CVE-2026-29092

Medium CVSS: 4.9

Kiteworks is a private data network (PDN). Prior to version 9.2.1, a vulnerability in Kiteworks Email Protection Gateway session management allows blocked users to maintain active sessions after their account is disabled. This could allow unauthorized access to continue until the session naturally expires. Upgrade Kiteworks to version 9.2.1 or later to receive a patch.

Vendor

Accellion

Product

Kiteworks

CWE

CWE-613

Yayın Tarihi

2026-03-25 17:16:57

Güncelleme

2026-03-27 19:01:19

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-613 Kiteworks MEDIUM Accellion 2026

Referanslar

https://github.com/kiteworks/security-advisories/security/advisories/GHSA-92w7-fpjr-wpxc

Benzer Kayıtlar

Medium

CVE-2026-23635

Kiteworks is a private data network (PDN). In Kiteworks Secure Data Forms prior to version 9.2.1, a misconfiguration of…

Medium

CVE-2026-23636

Kiteworks is a private data network (PDN). In Kiteworks Secure Data Forms prior to version 9.2.1, the manager of a form…

High

CVE-2026-24750

Kiteworks is a private data network (PDN). In Kiteworks Secure Data Forms prior to version 9.2.1, an authenticated attac…

High

CVE-2026-23514

Kiteworks is a private data network (PDN). Versions 9.2.0 and 9.2.1 of Kiteworks Core have an access control vulnerabili…

Medium

CVE-2026-28270

Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks configuration allows upl…

Medium

CVE-2026-28271

Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks configuration functional…