CVE Catalog

CVE-2026-6795

Critical
Published: Translated: NVD NIST

Summary

CVE-2026-6795 describes a URL redirection to an untrusted site ('open redirect') vulnerability in DivvyDrive. It allows for parameter injection, potentially leading to unauthorized access.

Risk Assessment

The organization may be exposed to phishing attacks and other security threats that could arise from the exploitation of this vulnerability.

Recommendation

It is recommended to update DivvyDrive to version 4.8.3.2 or later to mitigate this vulnerability.

Original NVD description (English source)

URL redirection to untrusted site ('open redirect') vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Parameter Injection. This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS