CVE-2025-56746 — Creativeitem Academy LMS up to and including 5.13 does not regenerate session IDs upon successful authentication, enabling session fixation attacks where attackers can hijack user sessions by predeter — CVE Database · The Intelligence Room