CVE-2026-14609

Medium · CVSS 5.6

Exploitation Probability (EPSS)

Low risk
0.32%

24th percentile — higher than 24% of all known CVEs

Summary

A session fixation vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. The issue stems from improper data processing, allowing an attacker to fixate a user's session. The attack is remote but requires high complexity and is assessed as difficult to exploit.

Risk Assessment

The risk for the organization is the potential hijacking of an authenticated user's session, leading to unauthorized access to grading system data and functions. Although difficult, the public availability of an exploit increases the likelihood of exploitation.

Recommendation

Immediately update the system to the latest version or apply security patches from the vendor. Additionally, implement session fixation protection mechanisms, such as regenerating the session ID after login.

Original NVD description (English source)

A vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This issue affects some unknown processing. The manipulation results in session fixation. The attack can be executed remotely. The attack requires a high level of complexity. The exploitability is assessed as difficult. The exploit is now public and may be used.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS