CVE-2026-22032 | Directus up to 11.13.x SAML Authentication RelayState redirect

A vulnerability, which was classified as problematic, has been found in Directus up to 11.13.x. This affects an unknown function of the component SAML Authentication. This manipulation of the argument RelayState causes open redirect.

This vulnerability is tracked as CVE-2026-22032. The attack is possible to be carried out remotely. No exploit exists.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More