CVE-2026-56667 | ZITADEL up to 4.15.2 Login Redirect router.push defaultRedirectUri redirect

SecurityVulns

A vulnerability has been found in ZITADEL up to 4.15.2 and classified as problematic. Impacted is the function router.push of the component Login Redirect Handler. This manipulation of the argument defaultRedirectUri causes open redirect.

The identification of this vulnerability is CVE-2026-56667. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More