{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-26T11:26:16.445","vulnerabilities":[{"cve":{"id":"CVE-2026-29192","sourceIdentifier":"security-advisories@github.com","published":"2026-03-07T15:15:55.710","lastModified":"2026-06-17T10:29:45.207","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"ZITADEL is an open source identity management platform. From version 4.0.0 to 4.11.1, a vulnerability in Zitadel's login V2 interface was discovered that allowed a possible account takeover via Default URI Redirect. This issue has been patched in version 4.12.0."},{"lang":"es","value":"ZITADEL es una plataforma de gestión de identidades de código abierto. Desde la versión 4.0.0 hasta la 4.11.1, se descubrió una vulnerabilidad en la interfaz de inicio de sesión V2 de Zitadel que permitía una posible toma de control de cuenta a través de la redirección de URI predeterminada. Este problema ha sido parcheado en la versión 4.12.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"zitadel","product":"zitadel","versions":[{"version":">= 4.0.0, < 4.12.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.3,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-09T20:39:42.474571Z","id":"CVE-2026-29192","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zitadel:zitadel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.12.0","matchCriteriaId":"45902C32-E4BA-459E-80C0-19CBDA6CD5F4"}]}]}],"references":[{"url":"https://github.com/zitadel/zitadel/security/advisories/GHSA-6rx5-m2rc-hmf7","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}}]}