A vulnerability marked as problematic has been reported in Apache Shiro . This issue affects some unknown processing of the component Remember-me Cookie Handler . This manipulation causes session expiration. This vulnerability is handled as CVE-2026-56130 . The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.