What is the CVSS score of CVE-2026-6795?

CVE-2026-6795 has a CVSS 3.1 base score of 9.6 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of DivvyDrive are affected by CVE-2026-6795?

DivvyDrive versions 4.8.2.9 through 4.8.3.1 contain a critical open redirect vulnerability (CVSS 9.6) that allows unauthenticated attackers to redirect users to malicious websites, creating…. A patch is available.

DivvyDrive CVE-2026-6795

EUVD-2026-28375 CRITICAL

URL Redirection to Untrusted Site (Open Redirect) (CWE-601)

2026-05-07 TR-CERT

GHSA-g28p-hp32-cg73

Open Redirect

9.6

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Patch available

May 07, 2026 - 15:02 EUVD

Analysis Generated

May 07, 2026 - 14:30 vuln.today

CVE Published

May 07, 2026 - 12:58 nvd

CRITICAL 9.6

DescriptionNVD

URL redirection to untrusted site ('open redirect') vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Parameter Injection.

This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2.

AnalysisAI

Open redirect vulnerability in DivvyDrive 4.8.2.9 through 4.8.3.1 allows remote unauthenticated attackers to redirect users to malicious sites via parameter injection, achieving high-severity impact across confidentiality, integrity, and availability with scope change. The CVSS 9.6 (Critical) score reflects cross-site scope change and combined impacts, though typical open redirect attacks involve phishing rather than direct system compromise. …

RemediationAI

Within 24 hours: Identify all systems running DivvyDrive 4.8.2.9 through 4.8.3.1 and communicate critical patch requirement to stakeholders. Within 7 days: Contact DivvyDrive vendor to confirm patch timeline and interim mitigation options; implement URL parameter validation controls if available. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-6795 vulnerability details – vuln.today

Back

DivvyDrive CVE-2026-6795

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code