CWE•Base•Incomplete•20 recent CVEs
CWE-613Insufficient Session Expiration
Description
According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."
Common consequences
- Access Control→Bypass Protection Mechanism
Potential mitigations
- ImplementationSet sessions/credentials expiration date.
Related CWEs
Recent CVEs classified under this CWE
CVE-2026-466577.12026-06-08CVE-2026-466568.82026-06-08CVE-2026-464012026-06-05CVE-2026-487266.52026-06-01CVE-2026-446487.52026-05-29CVE-2026-98026.82026-05-28CVE-2026-86709.62026-05-22CVE-2026-18155.72026-05-21CVE-2026-445538.12026-05-15CVE-2026-227066.52026-05-14CVE-2026-445117.42026-05-14CVE-2026-55456.52026-05-13CVE-2026-448735.42026-05-12CVE-2026-439838.12026-05-12CVE-2026-439116.82026-05-11CVE-2026-419029.12026-05-07CVE-2026-415194.22026-05-07CVE-2026-418912026-05-07CVE-2026-409346.82026-05-05CVE-2026-424215.42026-04-28