CVE-2026-59713
Leantime - OIDC Login CSRF via Unconditional State Verification Stub
CVSS Score
8.1
EPSS Score
0.2%
EPSS Percentile
5th
Leantime contains an OIDC login CSRF vulnerability in the verifyState() method that unconditionally returns true without validating state parameters. Attackers can craft malicious callback URLs with attacker-controlled authorization codes to perform session fixation, logging victims in as the attacker.
| CWE | CWE-352 |
| Vendor | leantime |
| Product | leantime |
| Published | Jul 6, 2026 |
| Last Updated | Jul 9, 2026 |
Stay Ahead of the Next One
Get instant alerts for leantime leantime
Be the first to know when new high vulnerabilities affecting leantime leantime are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None
Affected Versions
Leantime / Leantime
0 โค 3.4.4
References
github.com: https://github.com/Leantime/leantime/issues/3535 github.com: https://github.com/Leantime/leantime github.com: https://github.com/Leantime/leantime/commit/9630eb7db682fb1b4e23cdabf3428d03ec6f5094 vulncheck.com: https://www.vulncheck.com/advisories/leantime-oidc-login-csrf-via-unconditional-state-verification-stub
Credits
๐ George Chen