CVE-2026-35411 | Directus up to 11.16.0 /admin/tfa-setup redirect

Inserito da Angelo Barbosa | Apr 6, 2026 | CVE

A vulnerability identified as problematic has been detected in Directus up to 11.16.0. This affects an unknown function of the file /admin/tfa-setup. This manipulation of the argument redirect causes open redirect.

This vulnerability appears as CVE-2026-35411. The attack may be initiated remotely. There is no available exploit.

You should upgrade the affected component.

CVE-2026-35411 | Directus up to 11.16.0 /admin/tfa-setup redirect

Post correlati

CVE-2024-29038 | tpm2-tools Quote Data tpm2_checkquote Privilege Escalation

CVE-2024-5599 | softaculous FileOrganizer Plugin up to 1.0.7 on WordPress fileorganizer_ajax_handler sensitive information

CVE-2025-22220 | VMware Aria Operations for Logs up to 8.18.2 API Privilege Escalation

CVE-2025-66866 | GNU Binutils 2.26 PE File cp-demangle.c d_abi_tags denial of service