CVE-2026-3269: PSI Probe: Broken access control can lead to DoS

February 27, 2026 (updated February 28, 2026)

A flaw has been found in psi-probe PSI Probe up to 5.3.0. The impacted element is the function handleRequestInternal of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/ExpireSessionsController.java of the component Session Handler. Executing a manipulation can lead to denial of service. The attack can be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

References

github.com/AnalogyC0de/public_exp/issues/13
github.com/advisories/GHSA-rx6w-2w6h-r346
github.com/psi-probe/psi-probe
nvd.nist.gov/vuln/detail/CVE-2026-3269
vuldb.com/?ctiid.347993
vuldb.com/?id.347993
vuldb.com/?submit.758665

Code Behaviors & Features

Detect and mitigate CVE-2026-3269 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →