Live Latest activity →

Apache Wicket Vulnerabilities

1 advisories affecting Apache Wicket

1

Total CVEs

1

Critical

0

High

CVE-2026-40010

May 6, 2026

Critical (9.1)

Missing invocation of Servlet http web request method changeSessionId after session binding can be exploited for a session fixation attack in Apache Wicket. This issue affects Apache Wicket: from 8.0...

Read Advisory

Never Miss a Critical Alert

CVE advisories, breach reports, and threat intel — delivered daily to your inbox.