PT-2026-29889 · Unknown · Hoppscotch
Aikido-Security
+2
·
Published
2026-04-02
·
Updated
2026-04-03
·
CVE-2026-34931
CVSS v3.1
9.6
Critical
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
hoppscotch versions prior to 2026.3.0
Description
hoppscotch, an open source API development ecosystem, contains an open redirect flaw. This flaw can result in the theft of tokens, potentially allowing an attacker to compromise user accounts by signing in as the victim.
Recommendations
Update hoppscotch to version 2026.3.0 or later.
Fix
Open Redirect
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hoppscotch