CVE-2026-6907 | Django up to 5.2.13/6.0.4 django.middleware.cache.UpdateCacheMiddleware cache containing sensitive information

Inserito da Angelo Barbosa | Mag 5, 2026 | CVE

A vulnerability has been found in Django up to 5.2.13/6.0.4 and classified as problematic. Affected is an unknown function of the component django.middleware.cache.UpdateCacheMiddleware. The manipulation leads to use of cache containing sensitive information.

This vulnerability is uniquely identified as CVE-2026-6907. The attack is possible to be carried out remotely. No exploit exists.

The affected component should be upgraded.

CVE-2026-6907 | Django up to 5.2.13/6.0.4 django.middleware.cache.UpdateCacheMiddleware cache containing sensitive information

Post correlati

CVE-2023-44379 | baserCMS up to 5.0.8 Site Search cross site scripting

CVE-2026-6491 | libvips up to 8.18.2 nip2 vips7compat.c im_minpos_vec n heap-based overflow (Issue 4965)

CVE-2024-49628 | WhileTrue Most and Least Read Posts Widget Plugin up to 2.5.18 on WordPress cross-site request forgery

CVE-2025-49028 | Zoho Mail Zoho ZeptoMail Plugin up to 3.3.1 on WordPress cross-site request forgery