Two newly disclosed vulnerabilities affect widely used security and AI-adjacent platforms. Chainlit versions earlier than 2.10.1 are vulnerable to CVE-2026-56104, a critical flaw in WebSocket session restoration that lets an unauthenticated attacker supply a valid sessionId and inherit an authenticated user’s session without ownership verification. The issue can allow attackers to assume victim roles and permissions, invoke tools without authorization, and access data available only to the compromised user. The published guidance is to upgrade to Chainlit 2.10.1 or later and ensure session restoration enforces ownership checks.
OpenCTI is also affected by CVE-2026-21887, a server-side request forgery vulnerability in its data ingestion component that allows an authenticated attacker to force the platform to fetch attacker-controlled URLs. Because OpenCTI often runs as a trusted internal node in security operations environments, the flaw can be used to reach internal services, bypass perimeter controls, and in cloud deployments query the instance metadata service at 169.254.169.254 to obtain temporary AWS IAM credentials, potentially enabling broader infrastructure compromise. The issue was scored CVSS 7.7, and remediation centers on validating outbound destinations and blocking requests to private and link-local address ranges.
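As an added example (not code from OpenCTI or from the advisory), the kind of outbound-destination check the remediation calls for, in Python: it resolves the target, rejects private, loopback and link-local ranges including the 169.254.169.254 metadata address, and returns the addresses a fetch may connect to. The `BLOCKED_NETWORKS` list, the `resolver` hook and the function names are assumptions for illustration; OpenCTI's actual fix may differ.

```python
import ipaddress
import socket
from typing import Callable, List
from urllib.parse import urlparse

# Ranges an ingestion fetcher must never reach (constructed list, an assumption);
# 169.254.0.0/16 contains the cloud metadata endpoint named in the text.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "::/128", "::1/128", "fc00::/7", "fe80::/10",
)]

def ip_is_blocked(ip: str) -> bool:
    """True if ip lies in a loopback, private, link-local or metadata range."""
    addr = ipaddress.ip_address(ip)
    # IPv4-mapped IPv6 (::ffff:169.254.169.254) is judged by its IPv4 form.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr in net for net in BLOCKED_NETWORKS)

def resolve_all(host: str) -> List[str]:
    """Default resolver: every A/AAAA answer the system resolver returns."""
    return sorted({info[4][0].split("%")[0] for info in socket.getaddrinfo(host, None)})

def validate_outbound_url(url: str,
                          resolver: Callable[[str], List[str]] = resolve_all) -> List[str]:
    """Return the addresses a fetch may connect to, or raise ValueError.

    The check runs on resolved addresses, not on the hostname string, so a DNS
    name pointing at an internal host, or an IP written in decimal or octal
    form, is rejected like a literal 10.x address. The caller should connect
    to one of the returned addresses (keeping the original Host header) rather
    than resolving again, which closes the DNS-rebinding window.
    """
    parts = urlparse(url)
    if parts.scheme not in ("http", "https"):
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname
    if not host:
        raise ValueError("URL has no host")
    try:
        addrs = [str(ipaddress.ip_address(host))]  # literal IP: no DNS lookup
    except ValueError:
        addrs = resolver(host)
    blocked = [a for a in addrs if ip_is_blocked(a)]
    if not addrs or blocked:  # any internal answer rejects the whole URL
        raise ValueError(f"{host!r} resolves to blocked or no address: {blocked}")
    return addrs
```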

A critical session hijacking vulnerability affecting Chainlit versions earlier than 2.10.1 was published. The flaw allows unauthenticated attackers to restore authenticated WebSocket sessions by supplying a valid sessionId without ownership verification.