PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-12379 Qt CVE debrief

CVE-2026-12379 is an Open Redirect vulnerability in the OAuth/OIDC authentication implementation of the Axivion Dashboard. The login flow did not properly restrict the post-authentication redirect to the application's own origin, allowing a user who follows a crafted login link to be sent to an untrusted external site after authenticating against the genuine Dashboard. This vulnerability can be abused for phishing, for example credential or second-factor theft via a convincing look-alike page. The vulnerability has a CVSS score of 6.8 and a severity of MEDIUM.

Vendor
Qt
Product
Axivion
CVSS
MEDIUM 6.8
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-16
Original CVE updated
2026-07-16
Advisory published
2026-07-16
Advisory updated
2026-07-16

Who should care

Users of Axivion Dashboard and administrators of systems that use Axivion Dashboard for authentication should be aware of this vulnerability and take steps to mitigate it. This includes reviewing system logs for suspicious activity, educating users on safe login practices, and implementing additional security measures to protect against phishing attacks.

Technical summary

The Open Redirect vulnerability (CWE-601) exists in the OAuth/OIDC authentication implementation of the Axivion Dashboard. The login flow did not properly restrict the post-authentication redirect to the application's own origin, so a user who follows a crafted login link can be sent to an untrusted external site after authenticating against the genuine Dashboard. This can be abused for phishing, for example credential or second-factor theft via a convincing look-alike page. Exploitation requires the victim to follow the attacker-supplied link and complete the authentication flow.

Defensive priority

Medium priority due to the potential for phishing attacks.

Recommended defensive actions

  • Verify and restrict redirects in Axivion Dashboard OAuth/OIDC authentication implementation
  • Implement proper input validation and sanitization
  • Monitor for suspicious login activity
  • Educate users on phishing attacks and safe login practices
  • Review compensating controls for exposed systems while remediation is scheduled and verified
  • Check relevant monitoring, detection, and logs for exposed assets that need extra review
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented

Evidence notes

Evidence is based on the CVE record and NVD detail. The CVE record was published on 2026-07-16T16:18:59.320Z and last modified on 2026-07-16T17:47:59.667Z. The information provided is limited, and defenders should verify the affected scope and severity with the vendor. No additional information is available about the vulnerability's exploitation or impact.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-16T16:18:59.320Z and has not been modified since then.