
Open Redirect CVE-2026-35411

Severity: MEDIUM (CVSS 3.1 base score 4.3)
Weakness: URL Redirection to Untrusted Site (Open Redirect) (CWE-601)
Published: 2026-04-04
Project: https://github.com/directus/directus
GitHub advisory: GHSA-q75c-4gmv-mg9x

CVSS Vector (source: NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
  • Confidentiality: None
  • Integrity: Low
  • Availability: None

Lifecycle Timeline

  • Apr 04, 2026 - 08:30 (nvd): Patch released; patch available
  • Apr 04, 2026 - 06:15 (vuln.today): Analysis generated
  • Apr 04, 2026 - 06:08 (nvd): CVE published

Blast Radius

Ecosystem impact (transitive dependency graph, resolved by vuln.today to a path depth of 4):
  • 3 npm packages depend on directus (1 direct, 2 indirect)

Ecosystem-wide dependent count for version 11.16.1.

Description (source: NVD)

Summary

Directus is vulnerable to an Open Redirect via the redirect query parameter on the /admin/tfa-setup page. When an administrator who has not yet configured Two-Factor Authentication (2FA) visits a crafted URL, they are presented with the legitimate Directus 2FA setup page. After completing the setup process, the application redirects the user to the attacker-controlled URL specified in the redirect parameter without any validation.

This vulnerability could be used in phishing attacks targeting Directus administrators, as the initial interaction occurs on a trusted domain.
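The weakness described above is a redirect target taken verbatim from a query parameter. The following is an added example, not Directus's own code, showing the unsafe pattern beside a hardened handler that only ever emits a same-origin path. The application origin (`https://cms.example.com`), the fallback path (`/admin/content`) and the sample parameter values are constructed for illustration.

```javascript
// Added example (not Directus's code): restricting a "redirect" query
// parameter to same-origin paths. The origin, fallback path and sample
// inputs below are constructed assumptions for illustration.

const APP_ORIGIN = "https://cms.example.com"; // assumed application origin
const FALLBACK_PATH = "/admin/content";       // assumed default landing page

// The pattern the advisory describes: whatever the parameter holds is
// handed to the browser after setup completes, so an absolute URL leaves
// the trusted domain.
function unsafeRedirectTarget(rawRedirect) {
  return rawRedirect || FALLBACK_PATH;
}

// Hardened version: resolve the value against the app origin, require the
// result to stay on that origin, then re-emit only path, query and fragment
// so no scheme or host taken from the input can reach the Location header.
function safeRedirectTarget(rawRedirect, appOrigin = APP_ORIGIN) {
  if (typeof rawRedirect !== "string" || rawRedirect.trim() === "") {
    return FALLBACK_PATH; // parameter absent or empty
  }
  let target;
  try {
    target = new URL(rawRedirect, appOrigin);
  } catch {
    return FALLBACK_PATH; // unparseable input
  }
  // A relative path inherits the app origin; "//host", "https://host",
  // "javascript:" and backslash variants ("/\host") do not, because the
  // WHATWG parser treats "\" like "/" for http(s) URLs.
  if (target.origin !== new URL(appOrigin).origin) {
    return FALLBACK_PATH;
  }
  return target.pathname + target.search + target.hash;
}

// Constructed inputs of the kind a redirect parameter might carry.
const SAMPLE_INPUTS = [
  "/admin/users",
  "admin/settings?tab=security",
  "https://cms.example.com/admin/content",
  "https://cms.example.com.evil.example/admin",
  "//evil.example/phish",
  "/\\evil.example/phish",
  "javascript:void(0)",
  "",
];

// Side-by-side view of where each handler would send the browser.
function compareHandlers(inputs = SAMPLE_INPUTS) {
  return inputs.map((value) => ({
    input: value,
    unsafe: unsafeRedirectTarget(value),
    safe: safeRedirectTarget(value),
  }));
}

console.table(compareHandlers());
```

The key design choice is re-emitting the path rather than echoing the validated input: even if a future parser quirk let a hostile string pass the origin comparison, the returned value is rebuilt from parsed components and cannot begin with a scheme or `//`. A server-side check of this kind is the mitigation for CWE-601 regardless of whether the redirect happens in the SPA or in an HTTP response.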

Credits

Discovered by Neo by ProjectDiscovery (https://neo.projectdiscovery.io/)

Analysis (AI-generated)

Open redirect vulnerability in Directus allows unauthenticated attackers to redirect administrators to attacker-controlled URLs after 2FA setup completion via crafted /admin/tfa-setup redirect parameter. The attack leverages user interaction on the trusted Directus domain before redirecting to a malicious site, enabling phishing campaigns targeting administrators. …


CVE-2026-35411 vulnerability details – vuln.today
