NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-42350

Summary	Kargo manages and automates the promotion of software artifacts. Prior to versions 1.7.10, 1.8.13, 1.9.8, and 1.10.2, Kargo is vulnerable to open redirect in UI OIDC login flow via the redirectTo query parameter. This issue has been patched in versions 1.7.10, 1.8.13, 1.9.8, and 1.10.2.
Publication Date	May 9, 2026, 8:16 a.m.
Registration Date	May 10, 2026, 4:10 a.m.
Last Update	May 9, 2026, 8:16 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/akuity/kargo/security/advisories/GHSA-g7gw-m874-7rmf	security-advisories@github.com

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-601	オープンリダイレクト	https://cwe.mitre.org/data/definitions/601.html