SCA: security update for kimai/kimai (GHSA-m492-gv72-xvxj)

high Tenable Cloud Security Plugin ID 444270

Description

Kimai Password Reset Link Remains Valid After Password Change

Solution

Update the kimai/kimai library and its related packages to version 2.58.0 or later.

See Also

https://github.com/advisories/GHSA-m492-gv72-xvxj

Plugin Details

Severity: High

ID: 444270

Version: Revision 1.1

Type: Local

Family: SCA Checks

Published: 7/2/2026

Updated: 7/2/2026

Vulnerability Information

Exploit Ease: No known exploits are available

Patch Publication Date: 7/1/2026

Vulnerability Publication Date: 7/1/2026

Reference Information

cwe: CWE-640