CVE-2026-23818

Name of the Vulnerable Software and Affected Versions HPE Aruba Networking Private 5G Core On-Prem (affected versions not specified)

Description A flaw in the graphical user interface (GUI) login flow allows an attacker to use a crafted URL to perform an open redirect. This can be used in phishing-style attacks to redirect authenticated users to a spoofed login page on an attacker-controlled server to capture credentials before returning the user to the legitimate login page.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.