CVE-2026-4387: StrongDM State File Reuse Vulnerability Allows Session Hijacking
By
Hope Walker
Summary
A security vulnerability (CVE-2026-4387) was discovered in StrongDM where state files containing session authentication information could be transferred between hosts, allowing attackers to reuse authenticated sessions both inside and outside the deployment environment. The attack requires user-level permissions to access the state file. The vulnerability was patched in StrongDM Desktop version 23.74.0 and CLI version 53.77.0.
Source
Key quotes
· 3 pulledAn attacker could transfer StrongDM state files, which hold session authentication information, between hosts to provide authenticated sessions.
The attacker could reuse state files both inside and outside of the environment where an organization deployed it and requires user-level permissions to access the file.
Reusing the state file will result in an authenticated session and access to infrastructure.
You might also wanna read
Critical LangChain Core Vulnerability (CVE-2025-68664) Allows Serialization Injection Attacks
Cyata Research discloses LangGrinch (CVE-2025-68664), a critical vulnerability in LangChain Core that allows serialization injection attacks
Proof-of-Concept Exploit Released for Critical NGINX Heap Buffer Overflow (CVE-2026-42945)
A proof-of-concept exploit for CVE-2026-42945, a critical heap buffer overflow vulnerability in NGINX's ngx_http_rewrite_module that has exi

WAF - WAF Release - 2025-08-18
OpenSSL Vulnerability CVE-2025-15467: Stack Overflow with Remote Code Execution Risk
JFrog Security Research team reports on a newly disclosed OpenSSL vulnerability, CVE-2025-15467, which is a stack overflow issue that could
Critical Redis Vulnerability (CVE-2025-49844) Allows Remote Code Execution with Maximum CVSS Score
Wiz Research has discovered a critical remote code execution vulnerability (CVE-2025-49844, nicknamed #RediShell) in Redis, the widely used


Comments
Sign in to join the conversation.
No comments yet. Be the first.