Mirror Registry Authenticated Redirect Spoof (CVE-2026-2376)
CVE-2026-2376 Published on March 12, 2026
Mirror-registry: quay: quay: server-side request forgery via open redirect vulnerability in web interface
A flaw was found in mirror-registry where an authenticated user can trick the system into accessing unintended internal or restricted systems by providing malicious web addresses.
When the application processes these addresses, it automatically follows redirects without verifying the final destination, allowing attackers to route requests to systems they should not have access to.
Vulnerability Analysis
CVE-2026-2376 is exploitable with network access and requires a low level of user privileges. The attack complexity is considered high. A public proof-of-concept (PoC) exploit exists for CVE-2026-2376. A successful exploit is considered to have a low impact on confidentiality and integrity, and no impact on availability.
Timeline
Reported to Red Hat.
Made public 20 days later.
Weakness Type
What is an Open Redirect Vulnerability?
A web application accepts user-controlled input that specifies a link to an external site and uses that link in a redirect. This simplifies phishing attacks. An HTTP parameter may contain a URL value and cause the web application to redirect the request to the specified URL. By modifying the URL value to point at a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. Because the server name in the modified link is identical to the original site, phishing attempts have a more trustworthy appearance.
CVE-2026-2376 has been classified as an Open Redirect vulnerability or weakness (CWE-601).
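As an added illustration of the redirect-following behaviour described above and of the open-redirect weakness class (this is example code written for this page, not mirror-registry or Quay source; the hostnames, addresses, allowlist and the in-memory "network" are all constructed), the following Python compares a fetcher that checks only the URL the user supplied and then follows Location headers blindly with one that re-validates every hop of the redirect chain:

```python
"""Added illustration, not mirror-registry or Quay source code.

The naive fetcher validates only the URL the user supplied and then follows
Location headers blindly, so an open redirect on an allowlisted host becomes
a hop to an internal address. The hardened fetcher validates every hop
(scheme, host allowlist, and the address the host resolves to) before it is
requested.
"""
import ipaddress
from urllib.parse import urljoin, urlparse

REDIRECT_STATUSES = {301, 302, 303, 307, 308}
MAX_REDIRECTS = 5
# Hypothetical allowlist of upstreams the application is meant to talk to.
ALLOWED_HOSTS = {"registry.example.com", "mirror.example.com"}

# Constructed in-memory "network": URL -> (status, headers, body). No real HTTP is done.
FAKE_NET = {
    "https://registry.example.com/v2/": (200, {}, "registry ok"),
    # Open redirect on the allowlisted host, forwarding to a cloud metadata address.
    "https://registry.example.com/redirect?to=http://169.254.169.254/latest/meta-data/":
        (302, {"Location": "http://169.254.169.254/latest/meta-data/"}, ""),
    "http://169.254.169.254/latest/meta-data/": (200, {}, "instance credentials"),
    # Two-hop chain: a relative redirect, then off to loopback.
    "https://registry.example.com/hop1": (302, {"Location": "/hop2"}, ""),
    "https://registry.example.com/hop2": (302, {"Location": "https://127.0.0.1:8080/admin"}, ""),
    "https://127.0.0.1:8080/admin": (200, {}, "internal admin panel"),
    # An allowlisted name that happens to resolve inside the network.
    "https://mirror.example.com/v2/": (200, {}, "private mirror"),
}

# Constructed DNS table; 93.184.216.34 is simply a routable placeholder.
FAKE_DNS = {
    "registry.example.com": "93.184.216.34",
    "mirror.example.com": "10.0.0.5",
    "169.254.169.254": "169.254.169.254",
    "127.0.0.1": "127.0.0.1",
}


class FetchBlocked(Exception):
    """Raised when a URL, or a redirect hop, fails validation."""


def fake_get(url):
    return FAKE_NET.get(url, (404, {}, ""))


def naive_fetch(url):
    """Vulnerable pattern: check the first URL only, then follow redirects blindly."""
    if urlparse(url).hostname not in ALLOWED_HOSTS:
        raise FetchBlocked(f"host not allowed: {url}")
    for _ in range(MAX_REDIRECTS):
        status, headers, body = fake_get(url)
        if status in REDIRECT_STATUSES:
            url = urljoin(url, headers["Location"])  # new destination is never checked
            continue
        return body
    raise FetchBlocked("too many redirects")


def is_public_ip(ip_text):
    """True only for addresses outside loopback, link-local, private and reserved ranges."""
    ip = ipaddress.ip_address(ip_text)
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def validate_target(url):
    """Reject anything that is not https to an allowlisted host on a public address."""
    parts = urlparse(url)
    if parts.scheme != "https":
        raise FetchBlocked(f"scheme not allowed: {url}")
    if parts.hostname not in ALLOWED_HOSTS:
        raise FetchBlocked(f"host not allowed: {url}")
    resolved = FAKE_DNS.get(parts.hostname)
    if resolved is None or not is_public_ip(resolved):
        raise FetchBlocked(f"host resolves to a non-public address: {url}")


def safe_fetch(url):
    """Hardened pattern: every hop is validated before it is requested."""
    for _ in range(MAX_REDIRECTS):
        validate_target(url)
        status, headers, body = fake_get(url)
        if status in REDIRECT_STATUSES:
            url = urljoin(url, headers["Location"])
            continue
        return body
    raise FetchBlocked("too many redirects")


def try_fetch(fetcher, url):
    """Return the body, or 'BLOCKED: <reason>' so the two fetchers are easy to compare."""
    try:
        return fetcher(url)
    except FetchBlocked as exc:
        return f"BLOCKED: {exc}"


if __name__ == "__main__":
    for target in ("https://registry.example.com/v2/",
                   "https://registry.example.com/redirect?to=http://169.254.169.254/latest/meta-data/",
                   "https://registry.example.com/hop1",
                   "https://mirror.example.com/v2/"):
        print("naive:", try_fetch(naive_fetch, target))
        print("safe: ", try_fetch(safe_fetch, target))
```

Two caveats a reviewer would raise against the hardened version in real code. First, checking the resolved address and then handing the name to an HTTP library that resolves it again leaves a time-of-check gap that a changing DNS answer can exploit, so production code should connect to the address it validated (and set Host and SNI itself) or disable automatic redirects and drive each hop through the same validation, as above. Second, the same allowlist check applies on the server side to a redirect endpoint that takes its target from a request parameter, which is the weakness the CWE text describes.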
Products Associated with CVE-2026-2376
Red Hat Mirror Registry
Red Hat Quay