CVE-2026-2376

Name of the Vulnerable Software and Affected Versions mirror-registry (affected versions not specified)

Description An issue exists in mirror-registry where an authenticated user can manipulate the system into accessing unintended internal or restricted systems by supplying malicious web addresses. The application automatically follows redirects without validating the final destination when processing these addresses, enabling attackers to route requests to unauthorized systems. The flaw allows attackers to bypass access controls and potentially access sensitive resources.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.