CVE-2026-8670CRITICAL 9.6EPSS p20.8%

CVE-2026-8670CVE-2026-8670

avantra / avantra

Description

Insufficient session expiration vulnerability in syslink software AG Avantra on Linux, Windows allows Reusing Session IDs (aka Session Replay). This issue affects Avantra: before 25.3.1.

Scoring

CVSS 3.19.6 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS0.29% probability of exploitation · percentile 20.8% · 2026-06-19T12:03:05Z
Published2026-05-22
Last modified2026-06-02

Underlying weaknesses· 1

CWE-613

References

  1. https://support.avantra.com/hc/en-us/articles/5533929912351

1

TypeTargetConfidenceTier
WeaknessInsufficient Session Expirationcwe-6130%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-8673
CVE
CVE-2026-8671
CVE
CVE-2026-8672
CVE
CVE-2025-10228
CVE
CVE-2025-2409
CVE
CVE-2025-48906
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.