CVE-2026-42206 | roadiz core-bundle-dev-app up to 2.3.42/2.5.44/2.6.30/2.7.17 generate data authenticity (GHSA-3gx8-q682-38mx)

A vulnerability categorized as problematic has been discovered in roadiz core-bundle-dev-app up to 2.3.42/2.5.44/2.6.30/2.7.17. The affected element is the function OAuth2LinkGenerator::generate. The manipulation results in insufficient verification of data authenticity.

This vulnerability is reported as CVE-2026-42206. The attack can be launched remotely. No exploit exists.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More