Description

RELATE is a web-based courseware package. Prior to commit 2f68e16, RELATE is vulnerable to predictable token generation in auth.py's make_sign_in_key() function and exam.py's gen_ticket_code() function. This issue has been patched via commit 2f68e16.

INFO

Published Date :

2026-05-07T13:35:02.351Z

Last Modified :

2026-05-07T14:44:48.542Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-41505 vulnerability.

Vendors Products
Inducer
  • Relate
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-41505.

URL Resource
https://github.com/inducer/relate/commit/2f68e16cd3b96d25c188c1aa3f7e13cdb15cdaeb cve-icon cve-icon
https://github.com/inducer/relate/security/advisories/GHSA-rvx5-95mm-p77v cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact