CVE Catalog

CVE-2026-2347

Critical
Published: Translated: NVD NIST

Summary

A vulnerability in Akilli Commerce software allows authorization bypass through a user-controlled key, leading to session hijacking.

Risk Assessment

The organization may be exposed to session hijacking, potentially resulting in unauthorized access to data and resources.

Recommendation

It is recommended to update the software to version 4.5.001 or later to mitigate this vulnerability.

Original NVD description (English source)

Authorization bypass through User-Controlled key vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Session Hijacking. This issue affects E-Commerce Website: before 4.5.001.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS