Vulnerabilities

Report: CVE-2026-40039 - Pachno 1.0.6 Open Redirection via return_to Parameter - Guide

2026-04-13 0 views admin

CVE ID :CVE-2026-40039 Published : April 13, 2026, 7:16 p.m. | 32 minutes ago Description :Pachno 1.0.6 contains an open redirection vulnerability that allows attackers to redirect users to arbitrary external websites by manipulating the return_to parameter. Attackers can craft malicious login URLs with unvalidated return_to values to conduct phishing attacks and steal user credentials. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-40039

Severity

HIGH

Published

April 13, 2026

🏷️ Tags

report40039pachnoredirectionreturn_toparameterguidepublishedcvecve-2026-40039

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-40039 - Pachno 1.0.6 Open Redirection via return_to Parameter - Guide

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-2582 - Germanized for WooCommerce <= 3.20.5 - unauthenticated arbitrary shortcode execution

Report: Ultimate Guide: CVE-2026-1607 - Surbma | Booking.com <= 2.1 - authenticated (contributor+) stored cross-site scri...

Report: Ultimate Guide: CVE-2026-40287 - PraisonAI has RCE via Automatic tools.py Import

Report: CVE-2026-40289 - PraisonAI Browser Server allows unauthenticated WebSocket clients to hijack conn

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting