Lucene search
K

843 matches found

OSV
OSV
added 2026/04/06 9:34 p.m.3 views

CVE-2026-35413 Directus GraphQL Schema SDL Disclosure Setting

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, when GRAPHQLINTROSPECTION=false is configured, Directus correctly blocks standard GraphQL introspection queries schema, type. However, the serverspecsgraphql resolver on the /graphql/system endpoint...

5.3CVSS5.9AI score0.00314EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/06 9:33 p.m.3 views

CVE-2026-35412 Directus has a TUS Upload Authorization Bypass Allows Arbitrary File Overwrite

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only...

7.1CVSS6.1AI score0.00302EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/06 9:33 p.m.4 views

CVE-2026-35412

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only...

7.1CVSS6.1AI score0.00302EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/04/06 9:33 p.m.15 views

CVE-2026-35412 Directus has a TUS Upload Authorization Bypass Allows Arbitrary File Overwrite

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only...

7.1CVSS0.00302EPSS
Exploits0References1
OSV
OSV
added 2026/04/06 9:33 p.m.1 views

CVE-2026-35412 Directus has a TUS Upload Authorization Bypass Allows Arbitrary File Overwrite

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only...

7.1CVSS6.1AI score0.00302EPSS
Exploits0References3
CVE
CVE
added 2026/04/06 9:33 p.m.16 views

CVE-2026-35412

Directus prior to 11.16.1 is vulnerable to an authorization bypass in the TUS resumable upload endpoint (/files/tus). The TUS controller only performs collection-level authorization on directus_files and does not validate item-level access for the target file, allowing any authenticated user with...

8.1CVSS6.1AI score0.00302EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/06 9:33 p.m.4 views

CVE-2026-35411 Directus is an Open Redirect in Admin 2FA Setup Page

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus is vulnerable to an open redirect via the redirect query parameter on the /admin/tfa-setup page. When an administrator who has not yet configured Two-Factor Authentication 2FA visits a...

4.3CVSS5.9AI score0.00256EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/06 9:33 p.m.19 views

CVE-2026-35411 Directus is an Open Redirect in Admin 2FA Setup Page

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus is vulnerable to an open redirect via the redirect query parameter on the /admin/tfa-setup page. When an administrator who has not yet configured Two-Factor Authentication 2FA visits a...

4.3CVSS0.00256EPSS
Exploits0References1
CVE
CVE
added 2026/04/06 9:33 p.m.29 views

CVE-2026-35411

Directus prior to 11.16.1 is vulnerable to an open redirect on the /admin/tfa-setup page via the redirect parameter. An administrator who has not configured 2FA can be presented with the legitimate 2FA setup page, and after completing setup the app redirects to an attacker‑controlled URL without ...

4.3CVSS5.9AI score0.00256EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/06 9:33 p.m.8 views

CVE-2026-35411

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus is vulnerable to an open redirect via the redirect query parameter on the /admin/tfa-setup page. When an administrator who has not yet configured Two-Factor Authentication 2FA visits a...

4.3CVSS5.9AI score0.00256EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/04/06 9:33 p.m.2 views

CVE-2026-35411 Directus is an Open Redirect in Admin 2FA Setup Page

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus is vulnerable to an open redirect via the redirect query parameter on the /admin/tfa-setup page. When an administrator who has not yet configured Two-Factor Authentication 2FA visits a...

4.3CVSS6AI score0.00256EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/06 9:32 p.m.4 views

CVE-2026-35410

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, an open redirect vulnerability exists in the login redirection logic. The isLoginRedirectAllowed function fails to correctly identify certain malformed URLs as external, allowing attackers to bypass...

6.1CVSS6.1AI score0.00256EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/04/06 9:32 p.m.3 views

EUVD-2026-19518

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, an open redirect vulnerability exists in the login redirection logic. The isLoginRedirectAllowed function fails to correctly identify certain malformed URLs as external, allowing attackers to bypass...

6.1CVSS6.1AI score0.00256EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/06 9:32 p.m.3 views

CVE-2026-35410 Directus has an Open Redirect via Parser Bypass in OAuth2/SAML Authentication Flow

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, an open redirect vulnerability exists in the login redirection logic. The isLoginRedirectAllowed function fails to correctly identify certain malformed URLs as external, allowing attackers to bypass...

6.1CVSS6.1AI score0.00256EPSS
Exploits0References1
CVE
CVE
added 2026/04/06 9:32 p.m.21 views

CVE-2026-35410

CVE-2026-35410 – Directus open redirect : The vulnerability lies in Directus’ login redirection logic, where the isLoginRedirectAllowed function can misclassify malformed URLs as internal, bypassing the redirect allow-list and sending authenticated users to arbitrary external domains. Affected so...

6.1CVSS6.1AI score0.00256EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/04/06 9:32 p.m.16 views

CVE-2026-35410 Directus has an Open Redirect via Parser Bypass in OAuth2/SAML Authentication Flow

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, an open redirect vulnerability exists in the login redirection logic. The isLoginRedirectAllowed function fails to correctly identify certain malformed URLs as external, allowing attackers to bypass...

6.1CVSS0.00256EPSS
Exploits0References1
OSV
OSV
added 2026/04/06 9:32 p.m.4 views

CVE-2026-35410 Directus has an Open Redirect via Parser Bypass in OAuth2/SAML Authentication Flow

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, an open redirect vulnerability exists in the login redirection logic. The isLoginRedirectAllowed function fails to correctly identify certain malformed URLs as external, allowing attackers to bypass...

6.1CVSS6.1AI score0.00256EPSS
Exploits0References3
OSV
OSV
added 2026/04/06 9:31 p.m.3 views

CVE-2026-35409 Directus has a SSRF Protection Bypass via IPv4-Mapped IPv6 Addresses in File Import

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.0, a Server-Side Request Forgery SSRF protection bypass has been identified and fixed in Directus. The IP address validation mechanism used to block requests to local and private networks could be...

7.7CVSS5.9AI score0.00336EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/06 9:31 p.m.2 views

CVE-2026-35409 Directus has a SSRF Protection Bypass via IPv4-Mapped IPv6 Addresses in File Import

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.0, a Server-Side Request Forgery SSRF protection bypass has been identified and fixed in Directus. The IP address validation mechanism used to block requests to local and private networks could be...

7.7CVSS5.8AI score0.00336EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/06 9:31 p.m.17 views

CVE-2026-35409 Directus has a SSRF Protection Bypass via IPv4-Mapped IPv6 Addresses in File Import

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.0, a Server-Side Request Forgery SSRF protection bypass has been identified and fixed in Directus. The IP address validation mechanism used to block requests to local and private networks could be...

7.7CVSS0.00336EPSS
Exploits0References1
Rows per page
Query Builder