
CVE-2026-6795 -- CVSS 9.6 Vulnerability Briefing

CVE-2026-6795 | CVSS 9.6 (Critical) | Exploit: No known exploit

What Is It

CVE-2026-6795 is an open redirect vulnerability in DivvyDrive, a product of DivvyDrive Information Technologies Inc. It affects versions from 4.8.2.9 up to but not including the patched release. Insufficient validation of user-supplied URL parameters enables redirection to attacker-controlled external sites.

Technical Detail

The flaw exists in DivvyDrive's handling of URL parameters: the application fails to validate or restrict redirect destinations, allowing an attacker to inject an arbitrary external URL via a crafted parameter. An attacker can deliver a malicious link that appears to originate from a trusted DivvyDrive domain, redirecting victims to phishing pages, credential harvesting sites, or malware distribution infrastructure. While open redirects do not directly result in remote code execution or privilege escalation, they are frequently chained with phishing campaigns and OAuth token theft attacks. The CVSS score of 9.6 suggests additional attack vector considerations, such as network accessibility and low complexity of exploitation.

Exploitation Status

No known exploit code has been publicly observed or documented for this vulnerability as of May 14, 2026. The exploit maturity is rated at the lowest tier with no confirmed proof-of-concept or active exploitation. CVE-2026-6795 is not currently listed in the CISA Known Exploited Vulnerabilities catalog. This status should be monitored, as open redirect vulnerabilities are straightforward to exploit once the injection point is identified.

Who Is Targeting This

No specific threat actor attribution at this time. No campaigns, targeted sectors, or adversary groups have been associated with this vulnerability in available intelligence. Organizations using DivvyDrive in sectors that handle sensitive credentials or personal data should treat this as a relevant phishing enablement risk regardless of current attribution gaps.

What To Do

Organizations running DivvyDrive versions from 4.8.2.9 should upgrade to the latest available release that addresses this vulnerability as a priority action. Until patching is complete, administrators should review application logs for anomalous redirect parameter usage and consider implementing web application firewall rules to block or alert on requests containing external URLs in redirect parameters. User awareness communications are advisable given the phishing potential of this class of vulnerability. Monitor the CISA KEV catalog and vendor security advisories for updates to exploitation status.
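The log review described above can be scripted. The following is an added example, not vendor or Lyceum code: the advisory does not name the affected parameter, so the parameter names in `REDIRECT_PARAMS`, the host in `TRUSTED_HOSTS`, and the log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Assumptions, not from the advisory: the affected parameter is not published,
# so common redirect-style names are watched; the trusted host is a placeholder.
REDIRECT_PARAMS = {"redirect", "redirect_uri", "returnurl", "return", "next", "url"}
TRUSTED_HOSTS = {"drive.example.internal"}
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def redirect_host(value):
    """Return the external host a browser would navigate to, or None for a local path."""
    # Undo a second encoding layer; browsers treat "\" like "/" in URLs.
    v = unquote(value).strip().replace("\\", "/")
    if v.startswith("//"):  # protocol-relative URL
        v = "https:" + v
    try:
        parts = urlsplit(v)
    except ValueError:  # malformed authority, e.g. unbalanced IPv6 brackets
        return None
    if parts.scheme in ("http", "https") and parts.hostname:
        return parts.hostname
    return None

def find_external_redirects(lines, trusted=TRUSTED_HOSTS, params=REDIRECT_PARAMS):
    """Return (line_number, parameter, host) for each redirect value leaving the trusted hosts."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        query = m.group(1).partition("?")[2]
        for name, value in parse_qsl(query, keep_blank_values=True):
            host = redirect_host(value) if name.lower() in params else None
            if host and host not in trusted:
                hits.append((n, name, host))
    return hits

# Constructed access-log lines (combined log format), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [14/May/2026:10:01:02 +0000] "GET /login?returnUrl=/files/home HTTP/1.1" 302 0',
    '203.0.113.7 - - [14/May/2026:10:01:09 +0000] "GET /login?returnUrl=https%3A%2F%2Flogin.example.net%2Fsso HTTP/1.1" 302 0',
    '198.51.100.4 - - [14/May/2026:10:02:30 +0000] "GET /login?next=%2F%2Fcdn.example.org%2Fa HTTP/1.1" 302 0',
    '198.51.100.4 - - [14/May/2026:10:02:41 +0000] "GET /login?redirect=https://drive.example.internal/share/1 HTTP/1.1" 302 0',
    '192.0.2.55 - - [14/May/2026:10:03:12 +0000] "GET /login?next=%252F%252Fpay.example.com HTTP/1.1" 302 0',
]

if __name__ == "__main__":
    for hit in find_external_redirects(SAMPLE_LOG):
        print("external redirect target: line %d, %s -> %s" % hit)
```

The same host comparison can back a web application firewall rule in alert-only mode; the second decoding pass may flag legitimate values that contain a literal percent sign, so review hits before switching to blocking.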
