CVE-2026-11956 | TwiN gatus 5.36.0 OIDC Session Cookie security/oidc.go setSessionCookie missing secure attribute (Issue 1689)

A vulnerability classified as problematic was found in TwiN gatus 5.36.0. Impacted is the function setSessionCookie of the file security/oidc.go of the component OIDC Session Cookie Handler. Executing a manipulation can lead to sensitive cookie without secure attribute.

This vulnerability is tracked as CVE-2026-11956. The attack can be launched remotely. No exploit exists.

The reported GitHub issue was closed with the label “not planned”.VulDB Recent EntriesRead More