Vulnerabilities

Report: CVE-2026-34931 - hoppscotch: Improper loopback redirect_uri validation in device-login flow

2026-04-02 0 views admin

CVE ID :CVE-2026-34931 Published : April 2, 2026, 8:16 p.m. | 1 hour, 3 minutes ago Description :hoppscotch is an open source API development ecosystem. Prior to version 2026.3.0, there is an open redirect vulnerability that leads to token exfiltration. With these tokens, the attacker can sign in as the victim to takeover their account. This issue has been patched in version 2026.3.0. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-34931

Severity

HIGH

Published

April 2, 2026

🏷️ Tags

report34931hoppscotchimproperloopbackredirect_urivalidationdevicelogincve

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-34931 - hoppscotch: Improper loopback redirect_uri validation in device-login flow

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: Complete Guide to CVE-2026-34762 - Ella Core Has Audit Log Falsification via Path/Body IMSI Mismatch in UpdateSubsc...

Report: Breaking: CVE-2026-34761 - Ella Core Panics Upon NGAP handover failure

Report: CVE-2026-34760 - vLLM: Downmix Implementation Differences as Attack Vectors Against Audio AI Models - 2025 Update

Report: CVE-2026-34825 - NocoBase Has SQL Injection via template variable substitution in workflow SQL node - 2025 Update

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting