PatchSiren cyber security CVE debrief
CVE-2026-44188 Red Hat CVE debrief
A flaw was found in Ansible Lightspeed, related to insufficient session expiration. This vulnerability allows a remote attacker to maintain persistent access to the Ansible Lightspeed instance. If an attacker exfiltrates a valid OAuth access token before a user logs out, they can continue to authenticate and access sensitive data. This is because the application fails to invalidate the token on the backend, leaving it valid until its natural expiration.
- Vendor
- Red Hat
- Product
- Red Hat Ansible Automation Platform 2.7
- CVSS
- MEDIUM 5.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-15
- Original CVE updated
- 2026-06-15
- Advisory published
- 2026-06-15
- Advisory updated
- 2026-06-15
Who should care
Users of Ansible Lightspeed should be aware of this vulnerability and take steps to mitigate it.
Technical summary
The vulnerability has a CVSS score of 5.3 and is classified as MEDIUM severity. The CVSS vector is CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N. The weakness is categorized as CWE-613.
Defensive priority
MEDIUM
Recommended defensive actions
- Apply patches or updates provided by the vendor to fix the vulnerability.
- Ensure that OAuth access tokens are properly invalidated on the backend when a user logs out.
- Monitor Ansible Lightspeed instances for suspicious activity.
Evidence notes
The vendor is listed as Unknown Vendor, but evidence suggests a connection to Redhat.
Official resources
CVE-2026-44188 was published on 2026-06-15T10:16:28.213Z and has not been modified since then.