CVE-2026-9566 in teableinfo

Zusammenfassung

von MITRE • 26.05.2026

A vulnerability was identified in teableio teable up to 1.9.x. This impacts an unknown function of the file apps/nextjs-app/src/features/auth/pages/LoginPage.tsx of the component Sign-up. The manipulation of the argument redirect leads to cross site scripting. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. Upgrading to version release.2026-04-21T08-57-20Z.1513 will fix this issue. The affected component should be upgraded. The vendor confirms: "The default branch of teableio/teable is develop, and the reported login redirect issue has already been fixed there. The login redirect flow now validates the redirect parameter with isValidRedirectPath() before navigation, which blocks javascript:, data:, and cross-origin redirects."

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

VulDB

Veröffentlichung

26.05.2026

Moderieren

akzeptiert

Eintrag

VDB-365628

CPE

bereit

CWE

CWE-79 (bestätigt)

Exploit

Download

CVSS

4.3 (VulDB)

EPSS

0.00039

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-9566
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-9566
CVE Details	https://www.cvedetails.com/cve/CVE-2026-9566/

◂ Zurück Übersicht Weiter ▸

Do you know our Splunk app?

Download it now for free!