CVE-2026-22032: Directus has open redirect in SAML

January 6, 2026 (updated January 8, 2026)

An open redirect vulnerability exists in the Directus SAML authentication callback endpoint. The RelayState parameter is used in redirects without proper validation against an allowlist of permitted domains.

References

github.com/advisories/GHSA-3573-4c68-g8cc
github.com/directus/directus
github.com/directus/directus/commit/dad9576ea9362905cc4de8028d3877caff36dc23
github.com/directus/directus/security/advisories/GHSA-3573-4c68-g8cc
nvd.nist.gov/vuln/detail/CVE-2026-22032

Code Behaviors & Features

Detect and mitigate CVE-2026-22032 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →