Session Fixation Vulnerability in Pandora FMS by Pandora FMS
CVE-2026-30808

7.6HIGH

Key Information:

Vendor: Pandora Fms
Status: Pandora Fms
Vendor: CVE Published:; 12 May 2026

🔔 Create Pandora Fms Vulnerability Alert

What is CVE-2026-30808?

A session fixation vulnerability exists in Pandora FMS, enabling malicious actors to hijack user sessions by providing crafted session identifiers. This vulnerability can compromise the integrity of user accounts, allowing unauthorized access to sensitive information and functionalities. The affected versions range from 777 to 800, urging users to update to newer versions to mitigate potential risks.

Affected Version(s)

Pandora FMS all 777 <= 800

References

https://pandorafms.com/en/security/common-vulnerabilities...

CVSS V4

Score:

7.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2026
Vulnerability Reserved
Mar 5, 2026

Credit

Pedro J. Núñez-Cacho Fuentes <tunelko@gmail.com>

CVE-2026-30808 Data

JSON