CVE-2026-40082 | Cacti up to 1.2.30 auth_login.php session_regenerate_id SESS_USER_ID session fixiation (GHSA-273r-qr93-wgcp)
A vulnerability identified as critical has been detected in Cacti up to 1.2.30. This impacts the function session_regenerate_id of the file auth_login.php. The manipulation of the argument SESS_USER_ID leads to session fixiation.
This vulnerability is referenced as CVE-2026-40082. Remote exploitation of the attack is possible. No exploit is available.
You should upgrade the affected component.VulDB Recent EntriesRead More