CVE-2026-2376

4.9 MEDIUM

A flaw was found in mirror-registry where an authenticated user can trick the system into accessing unintended internal or restricted sys...

Published: 2026-03-12 · Last updated: 2026-06-02

Severity and scoring

CVSS: 4.9 MEDIUM
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
CWE: CWE-601

Affected products

Vendor	Product
redhat	mirror_registry, quay

Description

A flaw was found in mirror-registry where an authenticated user can trick the system into accessing unintended internal or restricted systems by providing malicious web addresses. When the application processes these addresses, it automatically follows redirects without verifying the final destination, allowing attackers to route requests to systems they should not have access to.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-2376
[Vendor advisory]https://access.redhat.com/security/cve/CVE-2026-2376
[Vendor advisory]https://bugzilla.redhat.com/show_bug.cgi?id=2439117
[Patch]https://github.com/quay/quay/pull/5074

Related CVEs

Same vendor

CVE-2026-1767 — A flaw was found in the GNOME localsearch (previously known as tracker-miners) MP3 Extractor `tracker-extract-mp3` component (5.6 MEDIUM)
CVE-2026-1766 — A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor, specifically within the tracker-extract-mp3 com... (5.6 MEDIUM)
CVE-2026-11793 — A stack buffer overflow flaw was found in 389 Directory Server (4.9 MEDIUM)
CVE-2026-11790 — A flaw was found in 389 Directory Server (4.9 MEDIUM)
CVE-2026-11789 — A flaw was found in 389 Directory Server (4.9 MEDIUM)

Same CWE

CVE-2026-53523 — Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool (6.8 MEDIUM)
CVE-2026-50089 — The Aqara IAM/SSO Gateway (gw-builder.aqara.com) provides an open redirect, which is an instance of "CWE-601: URL Redirection to Untruste... (6.1 MEDIUM)
CVE-2026-46616 — Umbraco is an ASP.NET CMS (5.4 MEDIUM)
CVE-2026-48856 — Sensitive Data Exposure vulnerability in Erlang OTP inets (httpc_response module) allows Retrieve Embedded Sensitive Data (6.5 MEDIUM)
CVE-2026-45566 — Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers (6.1 MEDIUM)