Home

Description

CodexBar prior to 0.32.0 contains a session cookie leakage vulnerability that allows network attackers to intercept imported browser session cookies by exploiting improper redirect handling for Amp and Ollama provider sessions. Attackers can position themselves on the network path to receive cleartext HTTP requests carrying imported session cookies when a provider-controlled redirect target issues a redirect to a cleartext HTTP endpoint within the same provider domain.

PUBLISHED Reserved 2026-05-01 | Published 2026-06-01 | Updated 2026-06-01 | Assigner VulnCheck




HIGH: 8.2CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

MEDIUM: 5.9CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

Cleartext Transmission of Sensitive Information

Product status

Default status
affected

Any version before 0.32.0
affected

Credits

Chia Min Jun Lennon finder

References

github.com/steipete/CodexBar/releases/tag/v0.32.0 release-notes

github.com/steipete/CodexBar/pull/1226 issue-tracking

github.com/...ommit/cdd7e347c1cf616615f18aa2ac52ba2ec9cab332 patch

www.vulncheck.com/...ssion-cookie-exposure-via-http-redirect third-party-advisory

cve.org (CVE-2026-43625)

nvd.nist.gov (CVE-2026-43625)

Download JSON