{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-12804", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-06-21T04:09:21.573Z", "datePublished": "2026-06-21T18:30:07.377Z", "dateUpdated": "2026-06-22T15:52:04.231Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-06-22T15:52:04.231Z"}, "title": "lemonldap-ng SAML Common Domain Cookie Endpoint CDC.pm redirect", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-601", "lang": "en", "description": "Open Redirect"}]}], "affected": [{"vendor": "n/a", "product": "lemonldap-ng", "versions": [{"version": "2.0", "status": "affected"}, {"version": "2.1", "status": "affected"}, {"version": "2.2", "status": "affected"}, {"version": "2.3", "status": "affected"}, {"version": "2.4", "status": "affected"}, {"version": "2.5", "status": "affected"}, {"version": "2.6", "status": "affected"}, {"version": "2.7", "status": "affected"}, {"version": "2.8", "status": "affected"}, {"version": "2.9", "status": "affected"}, {"version": "2.10", "status": "affected"}, {"version": "2.11", "status": "affected"}, {"version": "2.12", "status": "affected"}, {"version": "2.13", "status": "affected"}, {"version": "2.14", "status": "affected"}, {"version": "2.15", "status": "affected"}, {"version": "2.16", "status": "affected"}, {"version": "2.17", "status": "affected"}, {"version": "2.18", "status": "affected"}, {"version": "2.19", "status": "affected"}, {"version": "2.20", "status": "affected"}, {"version": "2.21", "status": "affected"}, {"version": "2.22", "status": "affected"}, {"version": "2.23.0", "status": "affected"}], "cpes": ["cpe:2.3:a:lemonldap-ng:lemonldap-ng:*:*:*:*:*:*:*:*"], "modules": ["SAML Common Domain Cookie Endpoint"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in lemonldap-ng up to 2.23.0. Impacted is an unknown function in the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm of the component SAML Common Domain Cookie Endpoint. Performing a manipulation of the argument url results in open redirect. The attack is possible to be carried out remotely. The exploit is now public and may be used. Applying a patch is the recommended action to fix this issue. The vendor confirms, that \"it has been fixed some days ago and will be available in 2.23.1. CDC is quite never used, so the impact is very low.\""}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C"}}], "timeline": [{"time": "2026-06-21T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-06-21T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-06-22T17:56:58.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "geochen (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB CNA Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/372598", "name": "VDB-372598 | lemonldap-ng SAML Common Domain Cookie Endpoint CDC.pm redirect", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/372598/cti", "name": "VDB-372598 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/cve/CVE-2026-12804", "name": "CVE-2026-12804 | CVE Analysis and Report", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/836105", "name": "Submit #836105 | lemonldap lemonldap-ng ca7af863ac5f60d127ba01e8661c0365be374d4b Open Redirect", "tags": ["third-party-advisory"]}, {"url": "https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/work_items/3619", "tags": ["related"]}, {"url": "https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/979", "tags": ["patch"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-06-22T10:27:57.331935Z", "id": "CVE-2026-12804", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-22T10:28:14.299Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "lemonldap-ng SAML Common Domain Cookie Endpoint CDC.pm redirect", "credits": [{"lang": "en", "type": "reporter", "value": "geochen (VulDB User)"}, {"lang": "en", "type": "coordinator", "value": "VulDB CNA Team"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR"}}], "affected": [{"cpes": ["cpe:2.3:a:lemonldap-ng:lemonldap-ng:*:*:*:*:*:*:*:*"], "vendor": "n/a", "modules": ["SAML Common Domain Cookie Endpoint"], "product": "lemonldap-ng", "versions": [{"status": "affected", "version": "2.0"}, {"status": "affected", "version": "2.1"}, {"status": "affected", "version": "2.2"}, {"status": "affected", "version": "2.3"}, {"status": "affected", "version": "2.4"}, {"status": "affected", "version": "2.5"}, {"status": "affected", "version": "2.6"}, {"status": "affected", "version": "2.7"}, {"status": "affected", "version": "2.8"}, {"status": "affected", "version": "2.9"}, {"status": "affected", "version": "2.10"}, {"status": "affected", "version": "2.11"}, {"status": "affected", "version": "2.12"}, {"status": "affected", "version": "2.13"}, {"status": "affected", "version": "2.14"}, {"status": "affected", "version": "2.15"}, {"status": "affected", "version": "2.16"}, {"status": "affected", "version": "2.17"}, {"status": "affected", "version": "2.18"}, {"status": "affected", "version": "2.19"}, {"status": "affected", "version": "2.20"}, {"status": "affected", "version": "2.21"}, {"status": "affected", "version": "2.22"}, {"status": "affected", "version": "2.23.0"}]}], "timeline": [{"lang": "en", "time": "2026-06-21T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-06-21T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-06-21T06:14:25.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/372598", "name": "VDB-372598 | lemonldap-ng SAML Common Domain Cookie Endpoint CDC.pm redirect", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/372598/cti", "name": "VDB-372598 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/cve/CVE-2026-12804", "name": "CVE-2026-12804 | CVE Analysis and Report", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/836105", "name": "Submit #836105 | lemonldap lemonldap-ng ca7af863ac5f60d127ba01e8661c0365be374d4b Open Redirect", "tags": ["third-party-advisory"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in lemonldap-ng up to 2.23.0. Impacted is an unknown function in the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm of the component SAML Common Domain Cookie Endpoint. Performing a manipulation of the argument url results in open redirect. The attack is possible to be carried out remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-601", "description": "Open Redirect"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-06-21T18:30:07.377Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-12804", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-06-22T10:27:57.331935Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-06-22T10:28:02.187Z"}}]}, "cveMetadata": {"cveId": "CVE-2026-12804", "state": "PUBLISHED", "dateUpdated": "2026-06-21T18:30:07.377Z", "dateReserved": "2026-06-21T04:09:21.573Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-06-21T18:30:07.377Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{}

{"bugzilla": {"description": "lemonldap-ng: Lemonldap-NG: Open Redirect via URL manipulation in SAML Common Domain Cookie Endpoint", "id": "2491214", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2491214"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "status": "draft"}, "cwe": "CWE-601", "details": ["A flaw was found in lemonldap-ng. A remote attacker could exploit this vulnerability by manipulating the 'url' argument within the SAML Common Domain Cookie Endpoint. This manipulation results in an open redirect, potentially leading to users being redirected to arbitrary malicious websites."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2026-12804", "public_date": "2026-06-21T18:30:07Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-12804\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-12804\nhttps://vuldb.com/cve/CVE-2026-12804\nhttps://vuldb.com/submit/836105\nhttps://vuldb.com/vuln/372598\nhttps://vuldb.com/vuln/372598/cti"], "statement": "This Moderate impact flaw in Lemonldap-NG allows a remote attacker to perform an open redirect by manipulating the 'url' argument in the SAML Common Domain Cookie Endpoint. This could lead to users being unknowingly redirected to arbitrary malicious sites, posing a phishing risk. The vulnerability requires user interaction, as a victim must click a specially crafted link.", "threat_severity": "Moderate"}