CVE-2026-42350 - Kargo: Open Redirect in UI OIDC Login Flow via redirectTo Query Parameter
CVE ID: CVE-2026-42350
Published: May 8, 2026, 10:35 p.m.
Description: Kargo manages and automates the promotion of software artifacts. Prior to versions 1.7.10, 1.8.13, 1.9.8, and 1.10.2, Kargo is vulnerable to open redirect in UI OIDC login flow via the redirectTo query par
Original source: CVE Feed Latest