A vulnerability was found in Enhancesoft osTicket 1.18.2 and classified as problematic . The impacted element is an unknown function of the component Session Identifier Handler . Such manipulation leads to session expiration. This vulnerability is uniquely identified as CVE-2026-9507 . The attack can be launched remotely. No exploit exists.