Platform
go
Component
github.com/dunglas/frankenphp
Fixed in
1.11.3
1.11.2
CVE-2026-24894 describes a session data leak vulnerability in FrankenPHP, a PHP testing tool. This flaw occurs specifically when FrankenPHP is running in worker mode, allowing attackers to potentially access sensitive session information. The vulnerability affects versions 1.11.1 and earlier, and a fix is available in version 1.11.2.
The core of this vulnerability lies in how FrankenPHP handles session data within its worker mode. In worker mode, FrankenPHP executes PHP code in separate processes. Due to a flaw in the session management, data from one request can inadvertently be exposed to subsequent requests processed by the same worker. An attacker could exploit this to gain unauthorized access to sensitive information stored in the session, such as API keys, user credentials, or other application-specific data. The potential impact is significant, particularly in environments where FrankenPHP is used to test applications handling sensitive data, as it could lead to data breaches and compromise of application security.
CVE-2026-24894 was publicly disclosed on 2026-02-17. There are currently no known public proof-of-concept exploits available. The vulnerability is not listed on the CISA KEV catalog at the time of writing. Given the nature of the vulnerability and the lack of public exploits, the probability of exploitation is currently considered low to medium.
Developers and security professionals using FrankenPHP for automated testing, particularly those relying on worker mode for parallel execution, are at risk. Teams using FrankenPHP to test applications handling sensitive data, such as authentication systems or financial transactions, should prioritize patching.
EPSS
0.04% (13th percentile)
The primary mitigation for CVE-2026-24894 is to upgrade FrankenPHP to version 1.11.2 or later, which contains the fix for the session data leak. If an immediate upgrade is not feasible due to compatibility concerns or testing requirements, consider temporarily disabling worker mode if it's not essential for your testing workflow. While not a complete solution, this reduces the attack surface. Thoroughly review your FrankenPHP configuration to ensure that session handling is as secure as possible. There are no specific WAF rules or detection signatures readily available for this vulnerability, emphasizing the importance of timely patching.
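As a defender's regression check for the behaviour described above (session state surviving from one request into the next request handled by the same worker) and for verifying an upgraded deployment, here is an added example that is not part of the advisory or of the FrankenPHP project. It assumes a hypothetical `/session-probe` endpoint that stores the `set` query parameter in the PHP session and echoes the stored value; the transport is injectable, and the constructed `FakeWorker` lets the check run offline in both the leaking and the isolated case.

```python
import urllib.request
from typing import Callable, Dict, Optional, Tuple
from urllib.parse import parse_qs, urlparse

# A transport performs one GET (optional Cookie header) and returns
# (response body, Set-Cookie header or None).
Transport = Callable[[str, Optional[str]], Tuple[str, Optional[str]]]

MARKER = "probe-7f3a"  # constructed, arbitrary session value written by request 1


def urllib_transport(url: str, cookie: Optional[str]) -> Tuple[str, Optional[str]]:
    """Real HTTP transport for use against a running deployment."""
    req = urllib.request.Request(url)
    if cookie:
        req.add_header("Cookie", cookie)
    with urllib.request.urlopen(req, timeout=5) as resp:
        return resp.read().decode(), resp.headers.get("Set-Cookie")


def check_session_isolation(base_url: str, transport: Transport = urllib_transport) -> Dict[str, object]:
    """Request 1 stores MARKER in the session; request 2 deliberately sends no
    cookie, so a correctly isolated worker must start a fresh session and must
    not echo MARKER. 'leaked' is True when the defect is present.
    /session-probe is a hypothetical endpoint, not part of FrankenPHP."""
    body1, set_cookie = transport(f"{base_url}/session-probe?set={MARKER}", None)
    body2, _ = transport(f"{base_url}/session-probe", None)
    return {
        "first_response": body1.strip(),
        "second_response": body2.strip(),
        "session_cookie_issued": set_cookie is not None,
        "leaked": MARKER in body2,
    }


class FakeWorker:
    """Constructed stand-in for one long-lived worker serving /session-probe.
    reset_between_requests=False models the behaviour the advisory describes:
    session state from one request survives into the next request handled by
    the same worker. The check never sends a cookie, so the fake ignores it."""

    def __init__(self, reset_between_requests: bool) -> None:
        self.reset = reset_between_requests
        self.session: Dict[str, str] = {}

    def __call__(self, url: str, cookie: Optional[str]) -> Tuple[str, Optional[str]]:
        if self.reset:
            self.session = {}  # fixed behaviour: every request starts with a clean session
        value = parse_qs(urlparse(url).query).get("set")
        if value:
            self.session["marker"] = value[0]
        return self.session.get("marker", ""), "PHPSESSID=fake-session-id; Path=/"
```

Against a real deployment, call `check_session_isolation("https://host")` with the default transport and treat `leaked == True` as a failed upgrade.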
Upgrade FrankenPHP to version 1.11.2 or later. This version fixes the vulnerability that allows session data to leak between requests in worker mode. The update ensures that session data is correctly reset between requests, preventing unauthorized access to other users' information.
CVE-2026-24894 is a HIGH severity vulnerability in FrankenPHP where session data is leaked between requests in worker mode, potentially exposing sensitive information.
Yes, if you are using FrankenPHP versions 1.11.1 or earlier and utilizing worker mode, you are vulnerable to this session data leak.
Upgrade FrankenPHP to version 1.11.2 or later to resolve the vulnerability. If immediate upgrade is not possible, consider disabling worker mode.
Currently, there are no known public exploits or confirmed active exploitation campaigns targeting CVE-2026-24894.
Refer to the official FrankenPHP repository and release notes for details on the vulnerability and the fix: https://github.com/dunglas/frankenphp