CVE-2026-12863
Venueless ’ social login contains an unvalidated redirect that could be exploited for phishing via trusted domains. Public records (NVD, CVE records) describe an unvalidated redirect in the social login flow, enabling attackers to lure users to attacker-controlled sites by leveraging trusted doma...