EMQX Enterprise Session Handling Allows Unauthorized Access

CVE-2026-6564
Summary

EMQX Enterprise versions up to 6.1.0 have a security issue that could allow unauthorized access to user sessions. This means an attacker may be able to perform actions on behalf of other users without permission. Affected users should update to the latest version to fix this issue.

Original title
A vulnerability was found in EMQ EMQX Enterprise up to 6.1.0. The impacted element is an unknown function of the component Session Handling. The manipulation results in improper authorization. It i...
Original description
A vulnerability was found in EMQ EMQX Enterprise up to 6.1.0. The impacted element is an unknown function of the component Session Handling. The manipulation results in improper authorization. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
NVD CVSS 2.0: 4.0
NVD CVSS 3.1: 4.3
NVD CVSS 4.0: 5.3
Vulnerability type
CWE-266 Incorrect Privilege Assignment
CWE-285 Improper Authorization
Published: 19 Apr 2026 · Updated: 19 Apr 2026 · First seen: 19 Apr 2026