CVE-2026-21622 | hexpm hex.pm Reset Your Password Page password_reset.ex session expiration (GHSA-6r94-pvwf-mxqm)

A vulnerability, which was classified as critical, has been found in hexpm hex.pm. Affected by this issue is some unknown functionality in the library lib/hexpm/accounts/password_reset.ex of the component Reset Your Password Page. This manipulation causes session expiration.

This vulnerability appears as CVE-2026-21622. The attack may be initiated remotely. There is no available exploit.

It is suggested to install a patch to address this issue.VulDB Recent EntriesRead More