Severity:
CRITICAL RISK
(9.6)
Session Fixation via Direct OIDC Callback (CWE-384) in OpenBao JWT/OIDC Login
CVE-2026-33757
Published:
Mar 27, 2026
Status:
Analyzed
Summary
Affected Context
Exploit Preconditions
Why This Happens
Potential Impact
General Mitigation Guidance
How Teams Detect Issues Like This
Frequently Asked Questions
Source
NDV
