CVE-2025-66803 — Race condition in the turbo-frame element handler in Hotwired Turbo before 8.0.x causes logout operations to fail when delayed frame responses reapply session cookies after logout. This can be exploit — CVE Database · The Intelligence Room