CVE-2026-12379 (GCVE-0-2026-12379)

Vulnerability from cvelistv5 – Published: 2026-07-16 15:32 – Updated: 2026-07-16 15:58
VLAI
Title
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in the Dashboard OAuth/OIDC implementation of Axivion
Summary
An Open Redirect vulnerability (CWE-601) exists in the OAuth/OIDC authentication implementation of the Axivion Dashboard. The login flow did not properly restrict the post-authentication redirect to the application's own origin, so a user who follows a crafted login link can be sent to an untrusted external site after authenticating against the genuine Dashboard. Because the link points at the legitimate Dashboard, this can be abused for phishing, for example credential or second-factor theft via a convincing look-alike page. Exploitation requires the victim to follow the attacker-supplied link and complete the authentication flow.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-601 - URL redirection to untrusted site ('open redirect')
Assigner
References
Impacted products
Vendor Product Version
Qt Axivion Affected: 7.8.0 , ≤ 7.8.12 (python)
Affected: 7.9.0 , ≤ 7.9.12 (python)
Affected: 7.10.0 , ≤ 7.10.10 (python)
Affected: 7.11.0 , ≤ 7.11.6 (python)
Affected: 7.12.0 , ≤ 7.12.1 (python)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-12379",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-16T15:58:42.449159Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-16T15:58:57.361Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Axivion",
          "vendor": "Qt",
          "versions": [
            {
              "lessThanOrEqual": "7.8.12",
              "status": "affected",
              "version": "7.8.0",
              "versionType": "python"
            },
            {
              "lessThanOrEqual": "7.9.12",
              "status": "affected",
              "version": "7.9.0",
              "versionType": "python"
            },
            {
              "lessThanOrEqual": "7.10.10",
              "status": "affected",
              "version": "7.10.0",
              "versionType": "python"
            },
            {
              "lessThanOrEqual": "7.11.6",
              "status": "affected",
              "version": "7.11.0",
              "versionType": "python"
            },
            {
              "lessThanOrEqual": "7.12.1",
              "status": "affected",
              "version": "7.12.0",
              "versionType": "python"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:qt:axivion:*:*:*:*:*:*:*:*",
                  "versionEndIncluding": "7.8.12",
                  "versionStartIncluding": "7.8.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:qt:axivion:*:*:*:*:*:*:*:*",
                  "versionEndIncluding": "7.9.12",
                  "versionStartIncluding": "7.9.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:qt:axivion:*:*:*:*:*:*:*:*",
                  "versionEndIncluding": "7.10.10",
                  "versionStartIncluding": "7.10.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:qt:axivion:*:*:*:*:*:*:*:*",
                  "versionEndIncluding": "7.11.6",
                  "versionStartIncluding": "7.11.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:qt:axivion:*:*:*:*:*:*:*:*",
                  "versionEndIncluding": "7.12.1",
                  "versionStartIncluding": "7.12.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An Open Redirect vulnerability (CWE-601) exists in the OAuth/OIDC authentication implementation of the Axivion Dashboard. The login flow did not properly restrict the post-authentication redirect to the application\u0027s own origin, so a user who follows a crafted login link can be sent to an untrusted external site after authenticating against the genuine Dashboard. Because the link points at the legitimate Dashboard, this can be abused for phishing, for example credential or second-factor theft via a convincing look-alike page. Exploitation requires the victim to follow the attacker-supplied link and complete the authentication flow.\u003cbr\u003e"
            }
          ],
          "value": "An Open Redirect vulnerability (CWE-601) exists in the OAuth/OIDC authentication implementation of the Axivion Dashboard. The login flow did not properly restrict the post-authentication redirect to the application\u0027s own origin, so a user who follows a crafted login link can be sent to an untrusted external site after authenticating against the genuine Dashboard. Because the link points at the legitimate Dashboard, this can be abused for phishing, for example credential or second-factor theft via a convincing look-alike page. Exploitation requires the victim to follow the attacker-supplied link and complete the authentication flow."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-98",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-98 Phishing"
            }
          ]
        },
        {
          "capecId": "CAPEC-194",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-194 Fake the Source of Data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "PASSIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/RE:M",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-601",
              "description": "CWE-601 URL redirection to untrusted site (\u0027open redirect\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-16T15:32:44.883Z",
        "orgId": "a59d8014-47c4-4630-ab43-e1b13cbe58e3",
        "shortName": "TQtC"
      },
      "references": [
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://wiki.qt.io/List_of_known_vulnerabilities_in_Qt_products#CVE-2026-12379"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Update to\u0026nbsp;Axivion\u0026nbsp;7.9.13, 7.10.11, 7.11.7, 7.12.2\u0026nbsp;or later.\u0026nbsp;"
            }
          ],
          "value": "Update to\u00a0Axivion\u00a07.9.13, 7.10.11, 7.11.7, 7.12.2\u00a0or later."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability in the Dashboard OAuth/OIDC implementation of Axivion",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan\u003eDisable OIDC\u0026nbsp;\u003c/span\u003e\u003cspan\u003ein your Dashboard\u0026nbsp;\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "Disable OIDC\u00a0in your Dashboard"
        },
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan\u003eShut\u003c/span\u003e\u003cspan\u003e\u0026nbsp;\u003c/span\u003e\u003cspan\u003edown\u003c/span\u003e\u003cspan\u003e\u0026nbsp;\u003c/span\u003e\u003cspan\u003ethe\u003c/span\u003e\u003cspan\u003e\u0026nbsp;\u003c/span\u003e\u003cspan\u003eDashboard where OIDC is enabled\u0026nbsp;\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "Shut\u00a0down\u00a0the\u00a0Dashboard where OIDC is enabled"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a59d8014-47c4-4630-ab43-e1b13cbe58e3",
    "assignerShortName": "TQtC",
    "cveId": "CVE-2026-12379",
    "datePublished": "2026-07-16T15:32:44.883Z",
    "dateReserved": "2026-06-16T09:08:08.138Z",
    "dateUpdated": "2026-07-16T15:58:57.361Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-12379\",\"sourceIdentifier\":\"a59d8014-47c4-4630-ab43-e1b13cbe58e3\",\"published\":\"2026-07-16T16:18:59.320\",\"lastModified\":\"2026-07-16T17:47:59.667\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An Open Redirect vulnerability (CWE-601) exists in the OAuth/OIDC authentication implementation of the Axivion Dashboard. The login flow did not properly restrict the post-authentication redirect to the application\u0027s own origin, so a user who follows a crafted login link can be sent to an untrusted external site after authenticating against the genuine Dashboard. Because the link points at the legitimate Dashboard, this can be abused for phishing, for example credential or second-factor theft via a convincing look-alike page. Exploitation requires the victim to follow the attacker-supplied link and complete the authentication flow.\"}],\"affected\":[{\"source\":\"a59d8014-47c4-4630-ab43-e1b13cbe58e3\",\"affectedData\":[{\"vendor\":\"Qt\",\"product\":\"Axivion\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"7.8.0\",\"lessThanOrEqual\":\"7.8.12\",\"versionType\":\"python\",\"status\":\"affected\"},{\"version\":\"7.9.0\",\"lessThanOrEqual\":\"7.9.12\",\"versionType\":\"python\",\"status\":\"affected\"},{\"version\":\"7.10.0\",\"lessThanOrEqual\":\"7.10.10\",\"versionType\":\"python\",\"status\":\"affected\"},{\"version\":\"7.11.0\",\"lessThanOrEqual\":\"7.11.6\",\"versionType\":\"python\",\"status\":\"affected\"},{\"version\":\"7.12.0\",\"lessThanOrEqual\":\"7.12.1\",\"versionType\":\"python\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"a59d8014-47c4-4630-ab43-e1b13cbe58e3\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:M/U:X\",\"baseScore\":6.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"PASSIVE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"MODERATE\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-07-16T15:58:42.449159Z\",\"id\":\"CVE-2026-12379\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"a59d8014-47c4-4630-ab43-e1b13cbe58e3\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-601\"}]}],\"references\":[{\"url\":\"https://wiki.qt.io/List_of_known_vulnerabilities_in_Qt_products#CVE-2026-12379\",\"source\":\"a59d8014-47c4-4630-ab43-e1b13cbe58e3\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-12379\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-07-16T15:58:42.449159Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-07-16T15:58:47.305Z\"}}], \"cna\": {\"title\": \"URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability in the Dashboard OAuth/OIDC implementation of Axivion\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"capecId\": \"CAPEC-98\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-98 Phishing\"}]}, {\"capecId\": \"CAPEC-194\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-194 Fake the Source of Data\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 6.8, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/RE:M\", \"exploitMaturity\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"PASSIVE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Qt\", \"product\": \"Axivion\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.8.0\", \"versionType\": \"python\", \"lessThanOrEqual\": \"7.8.12\"}, {\"status\": \"affected\", \"version\": \"7.9.0\", \"versionType\": \"python\", \"lessThanOrEqual\": \"7.9.12\"}, {\"status\": \"affected\", \"version\": \"7.10.0\", \"versionType\": \"python\", \"lessThanOrEqual\": \"7.10.10\"}, {\"status\": \"affected\", \"version\": \"7.11.0\", \"versionType\": \"python\", \"lessThanOrEqual\": \"7.11.6\"}, {\"status\": \"affected\", \"version\": \"7.12.0\", \"versionType\": \"python\", \"lessThanOrEqual\": \"7.12.1\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Update to\\u00a0Axivion\\u00a07.9.13, 7.10.11, 7.11.7, 7.12.2\\u00a0or later.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Update to\u0026nbsp;Axivion\u0026nbsp;7.9.13, 7.10.11, 7.11.7, 7.12.2\u0026nbsp;or later.\u0026nbsp;\", \"base64\": false}]}], \"references\": [{\"url\": \"https://wiki.qt.io/List_of_known_vulnerabilities_in_Qt_products#CVE-2026-12379\", \"tags\": [\"issue-tracking\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Disable OIDC\\u00a0in your Dashboard\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan\u003eDisable OIDC\u0026nbsp;\u003c/span\u003e\u003cspan\u003ein your Dashboard\u0026nbsp;\u003c/span\u003e\u003cbr\u003e\", \"base64\": false}]}, {\"lang\": \"en\", \"value\": \"Shut\\u00a0down\\u00a0the\\u00a0Dashboard where OIDC is enabled\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan\u003eShut\u003c/span\u003e\u003cspan\u003e\u0026nbsp;\u003c/span\u003e\u003cspan\u003edown\u003c/span\u003e\u003cspan\u003e\u0026nbsp;\u003c/span\u003e\u003cspan\u003ethe\u003c/span\u003e\u003cspan\u003e\u0026nbsp;\u003c/span\u003e\u003cspan\u003eDashboard where OIDC is enabled\u0026nbsp;\u003c/span\u003e\u003cbr\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 1.0.2\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An Open Redirect vulnerability (CWE-601) exists in the OAuth/OIDC authentication implementation of the Axivion Dashboard. The login flow did not properly restrict the post-authentication redirect to the application\u0027s own origin, so a user who follows a crafted login link can be sent to an untrusted external site after authenticating against the genuine Dashboard. Because the link points at the legitimate Dashboard, this can be abused for phishing, for example credential or second-factor theft via a convincing look-alike page. Exploitation requires the victim to follow the attacker-supplied link and complete the authentication flow.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"An Open Redirect vulnerability (CWE-601) exists in the OAuth/OIDC authentication implementation of the Axivion Dashboard. The login flow did not properly restrict the post-authentication redirect to the application\u0027s own origin, so a user who follows a crafted login link can be sent to an untrusted external site after authenticating against the genuine Dashboard. Because the link points at the legitimate Dashboard, this can be abused for phishing, for example credential or second-factor theft via a convincing look-alike page. Exploitation requires the victim to follow the attacker-supplied link and complete the authentication flow.\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-601\", \"description\": \"CWE-601 URL redirection to untrusted site (\u0027open redirect\u0027)\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:qt:axivion:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndIncluding\": \"7.8.12\", \"versionStartIncluding\": \"7.8.0\"}, {\"criteria\": \"cpe:2.3:a:qt:axivion:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndIncluding\": \"7.9.12\", \"versionStartIncluding\": \"7.9.0\"}, {\"criteria\": \"cpe:2.3:a:qt:axivion:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndIncluding\": \"7.10.10\", \"versionStartIncluding\": \"7.10.0\"}, {\"criteria\": \"cpe:2.3:a:qt:axivion:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndIncluding\": \"7.11.6\", \"versionStartIncluding\": \"7.11.0\"}, {\"criteria\": \"cpe:2.3:a:qt:axivion:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndIncluding\": \"7.12.1\", \"versionStartIncluding\": \"7.12.0\"}], \"operator\": \"OR\"}], \"operator\": \"OR\"}], \"providerMetadata\": {\"orgId\": \"a59d8014-47c4-4630-ab43-e1b13cbe58e3\", \"shortName\": \"TQtC\", \"dateUpdated\": \"2026-07-16T15:32:44.883Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-12379\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-07-16T15:58:57.361Z\", \"dateReserved\": \"2026-06-16T09:08:08.138Z\", \"assignerOrgId\": \"a59d8014-47c4-4630-ab43-e1b13cbe58e3\", \"datePublished\": \"2026-07-16T15:32:44.883Z\", \"assignerShortName\": \"TQtC\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…