1. Flask Session Cache Bypass: CVE-2026-27205 Exposes Web Apps Behind Misconfigured Proxies
A session handling flaw in Flask versions through 2.3.3 introduces the risk of cache-related data leakage for web applications deployed behind certain caching proxies. The vulnerability, tracked as CVE-2026-27205, stems from incomplete enforcement of the `Vary: Cookie` HTTP header when the session object is accessed us...