A vulnerability has been found in pinpoint-apm pinpoint up to 3.1.0 and classified as problematic . This vulnerability affects unknown code of the component Session Cookie Handler . Performing a manipulation results in cookie without 'httponly' flag. This vulnerability is known as CVE-2026-57948 . Remote exploitation of the attack is possible. No exploit is available.