Skip to main content

Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

© 2026 Mondoo, Inc.

Log in Get Assessment

Vulnerability IntelligenceCVE-2026-12863

CVE-2026-12863

MEDIUM5.1

Open redirect

Published Jun 22, 2026

Modified Today

Details

An unvalidated redirect was contained in Venueless' social login functionality and could be exploited for phishing using trusted domains.

References

https://github.com/venueless/venueless/security/advisories/GHSA-m87f-7c4r-w4p3

https://www.cve.org/CVERecord?id=CVE-2026-12863

CVSS Analysis

CVSS v4.0

5.1

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

LowAC:L

Attack Requirements

NoneAT:N

Privileges Required

LowPR:L

User Interaction

PassiveUI:P

Vulnerable System

Vuln. Confidentiality

NoneVC:N

Vuln. Integrity

LowVI:L

Vuln. Availability

NoneVA:N

Subsequent System

Subseq. Confidentiality

NoneSC:N

Subseq. Integrity

LowSI:L

Subseq. Availability

NoneSA:N

5.1/CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N

Weakness Type (CWE)

Input Validation

Ecosystems

Timeline

PublishedJun 22, 2026

ModifiedJun 23, 2026

CVE-2026-12863 | Mondoo Vulnerability Intelligence