Home JetbrainsCVE-2026-32745

CVE-2026-32745

MEDIUM

6.3CVSS

Published: 2026-03-13

Updated: 2026-04-02

AI Analysis

Description

In JetBrains Datalore before 2026.1 session hijacking was possible due to missing secure attribute for cookie settings

CVSS Metrics

Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
Attack Vector: adjacent network
Complexity: low
Privileges: none
User Action: required
Scope: unchanged
Confidentiality: high
Integrity: low
Availability: none
Weaknesses: CWE-614CWE-319

Metadata

Primary Vendor: JETBRAINS
Published: 3/13/2026
Last Modified: 4/2/2026
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

jetbrains : datalore

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD

CVE-CVE-2026-32745 | MEDIUM Severity | CVEDatabase.com | CVEDatabase.com