CVE-2026-61500 - Rejetto HFS < 3.2.1 Session Forgery via Predictable Signing Key
CVE ID :CVE-2026-61500 Published : July 13, 2026, 6:16 p.m. | 17 minutes ago Description :Rejetto HFS 3.0.0 through 3.2.0 derives its session-cookie signing key from the non-cryptographic Math.random() generator and discloses outputs of the same generator to unauthenticated clients during...