Session Hijacking Vulnerability in Turkiye Electricity Transmission Corporation Mobile Application
CVE-2026-1815

5.7MEDIUM

Key Information:

Vendor: Turkiye Electricity Transmission Corporation (tei̇aş)
Status: Mobile Application
Vendor: CVE Published:; 21 May 2026

🔔 Create Turkiye Electricity Transmission Corporation (tei̇aş) Vulnerability Alert

What is CVE-2026-1815?

The Turkiye Electricity Transmission Corporation's mobile application has a vulnerability that allows session hijacking due to inadequate session expiration mechanisms. This flaw may allow unauthorized users to exploit active sessions, potentially compromising sensitive user data and account integrity. Versions 1.6.2 to 1.13 are particularly affected, urging users to update to secure their accounts.

Affected Version(s)

Mobile Application 1.6.2 < 1.13

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/...

government-resource

CVSS V3.1

Score:

5.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 21, 2026
Vulnerability Reserved
Feb 3, 2026

Credit

Metin ÖGTEM

CVE-2026-1815 Data

JSON