CVE Catalog
CVE-2026-41588
CriticalSummary
RELATE is a web-based courseware package. Prior to commit 2f68e16, there was a timing attack vulnerability in course/auth.py — check_sign_in_key().
Risk Assessment
This vulnerability could have allowed attackers to perform a timing attack, potentially leading to unauthorized access to the system.
Recommendation
It is recommended to update to the version containing commit 2f68e16 to secure the system against this type of attack.
Original NVD description (English source)
RELATE is a web-based courseware package. Prior to commit 2f68e16, there is a timing attack vulnerability in course/auth.py — check_sign_in_key(). This issue has been patched via commit 2f68e16.

