PatchSiren cyber security CVE debrief
CVE-2026-12379 Qt CVE debrief
CVE-2026-12379 is an Open Redirect vulnerability in the OAuth/OIDC authentication implementation of the Axivion Dashboard. The login flow did not properly restrict the post-authentication redirect to the application's own origin, allowing a user who follows a crafted login link to be sent to an untrusted external site after authenticating against the genuine Dashboard. This vulnerability can be abused for phishing, for example credential or second-factor theft via a convincing look-alike page. The vulnerability has a CVSS score of 6.8 and a severity of MEDIUM.
- Vendor
- Qt
- Product
- Axivion
- CVSS
- MEDIUM 6.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-16
- Original CVE updated
- 2026-07-16
- Advisory published
- 2026-07-16
- Advisory updated
- 2026-07-16
Who should care
Users of Axivion Dashboard and administrators of systems that use Axivion Dashboard for authentication should be aware of this vulnerability and take steps to mitigate it. This includes reviewing system logs for suspicious activity, educating users on safe login practices, and implementing additional security measures to protect against phishing attacks.
Technical summary
The Open Redirect vulnerability (CWE-601) exists in the OAuth/OIDC authentication implementation of the Axivion Dashboard. The login flow did not properly restrict the post-authentication redirect to the application's own origin, so a user who follows a crafted login link can be sent to an untrusted external site after authenticating against the genuine Dashboard. This can be abused for phishing, for example credential or second-factor theft via a convincing look-alike page. Exploitation requires the victim to follow the attacker-supplied link and complete the authentication flow.
Defensive priority
Medium priority due to the potential for phishing attacks.
Recommended defensive actions
- Verify and restrict redirects in Axivion Dashboard OAuth/OIDC authentication implementation
- Implement proper input validation and sanitization
- Monitor for suspicious login activity
- Educate users on phishing attacks and safe login practices
- Review compensating controls for exposed systems while remediation is scheduled and verified
- Check relevant monitoring, detection, and logs for exposed assets that need extra review
- Track exceptions, retest remediated assets, and close the item only after evidence is documented
Evidence notes
Evidence is based on the CVE record and NVD detail. The CVE record was published on 2026-07-16T16:18:59.320Z and last modified on 2026-07-16T17:47:59.667Z. The information provided is limited, and defenders should verify the affected scope and severity with the vendor. No additional information is available about the vulnerability's exploitation or impact.
Official resources
-
CVE-2026-12379 CVE record
CVE.org
-
CVE-2026-12379 NVD detail
NVD
-
Source item URL
nvd_modified
-
Source reference
a59d8014-47c4-4630-ab43-e1b13cbe58e3
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-16T16:18:59.320Z and has not been modified since then.