{"cve_id":"CVE-2025-55266","summary":"HCL Aftermarket DPC is affected by Session Fixation which allows attacker to takeover the user's session and use it carry out unauthorized transaction behalf of the user.","cvss":5.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.9,"epss":0.00036,"ranking_epss":0.10799,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129793"],"published_time":"2026-03-26T13:16:25","cpes":["cpe:2.3:a:hcltech:aftermarket_cloud:1.0.0"]}