CVE-2026-40458 | PAC4J up to 5.7.9/6.4.0 String.hashCode cross-site request forgery

Inserito da Angelo Barbosa | Apr 17, 2026 | CVE

A vulnerability marked as problematic has been reported in PAC4J up to 5.7.9/6.4.0. This vulnerability affects the function String.hashCode. This manipulation causes cross-site request forgery.

This vulnerability is registered as CVE-2026-40458. Remote exploitation of the attack is possible. No exploit is available.

It is suggested to upgrade the affected component.

CVE-2026-40458 | PAC4J up to 5.7.9/6.4.0 String.hashCode cross-site request forgery

Post correlati

CVE-2024-29871 | Sentrifugo 3.2 updatecontactnumber id sql injection

CVE-2024-54129 | NASA ION-DTN prior 4.1.3s BPv7 initialization

CVE-2025-53171 | Huawei HarmonyOS 5.0.1/5.1.0 Image File Preview stack-based overflow

CVE-2025-12626 | jeecgboot jeewx-boot up to 641ab52c3e1845fec39996d7794c33fb40dad1dd WxActGoldeneggsPrizesController.java getImgUrl imgurl path traversal (17/47)