CVE-2026-1163 — An insufficient session expiration vulnerability exists in the latest version of parisneo/lollms. The application fails to invalidate active sessions after a password reset, allowing an attacker to co — CVE Database · The Intelligence Room