CVE-2026-10839

Vulnerability Description

Open redirection vulnerability in the authentication system allows an attacker to use manipulated values in the X-Forwarded-Host header to alter the URLs generated by the application. A successful exploit could redirect authenticated users to malicious sites following login procedures or interaction with the interface, resulting in limited impact on confidentiality and integrity.

Vulnerability Details

Published Date

June 17, 2026

Last Modified

June 17, 2026

CWE ID

CWE-601

Source

NVD

Vendor

Password Manager

Product

Password Manager

External References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-password-manager

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment