cbcvebase.
CVE-2026-29067
published 2026-03-07


Priority: P3 54
CVSS 3.1: 9.3 (critical)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
EPSS: 0.32% (23.9th percentile)
ZITADEL is an open source identity management platform. From version 4.0.0-rc.1 to 4.7.0, a potential vulnerability exists in ZITADEL's password reset mechanism in login V2. ZITADEL utilizes the Forwarded or X-Forwarded-Host header from incoming requests to construct the URL for the password reset confirmation link. This link, containing a secret code, is then emailed to the user. This issue has been patched in version 4.7.1.
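The pattern the advisory describes, and the usual fix, side by side. This is an added illustration written for this page, not ZITADEL's code; the `ResetLinkConfig` type, the `ExternalOrigin` and `TrustedHosts` fields, the function names and the `/password/reset` path are all hypothetical, and the requests are constructed with `httptest`. The vulnerable version copies whatever host the `Forwarded` or `X-Forwarded-Host` header carries into the emailed link; the hardened version builds the link from operator configuration and only honours a forwarded host that is on an explicit allowlist, surfacing any other value so it can be logged.

```go
package main

import (
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strings"
)

// ResetLinkConfig is a hypothetical configuration type (not ZITADEL's): the
// operator states the origin users actually reach and which proxy-supplied
// hosts are acceptable at all.
type ResetLinkConfig struct {
	ExternalOrigin string   // absolute origin, e.g. "https://login.example.com"
	TrustedHosts   []string // hosts a trusted proxy may forward
}

// forwardedHost returns the host the request asks us to use, from the
// RFC 7239 Forwarded header (host= parameter of the first element) or the
// legacy X-Forwarded-Host header; "" when neither is present.
func forwardedHost(r *http.Request) string {
	if fwd := r.Header.Get("Forwarded"); fwd != "" {
		first := strings.SplitN(fwd, ",", 2)[0]
		for _, param := range strings.Split(first, ";") {
			k, v, ok := strings.Cut(strings.TrimSpace(param), "=")
			if ok && strings.EqualFold(k, "host") {
				return strings.ToLower(strings.Trim(v, `"`))
			}
		}
	}
	return strings.ToLower(strings.TrimSpace(r.Header.Get("X-Forwarded-Host")))
}

// vulnerableResetLink reproduces the pattern the advisory describes: a host
// taken from a request header ends up in the emailed link, so the secret
// code is delivered to that host when the recipient clicks it.
func vulnerableResetLink(r *http.Request, code string) string {
	host := forwardedHost(r)
	if host == "" {
		host = r.Host
	}
	return "https://" + host + "/password/reset?code=" + url.QueryEscape(code)
}

// hardenedResetLink never lets request headers choose the host. A forwarded
// host is used only when it is on the allowlist; anything else falls back to
// the configured origin and is returned as "untrusted" for the caller to log.
func hardenedResetLink(cfg ResetLinkConfig, r *http.Request, code string) (string, string, error) {
	base, err := url.Parse(cfg.ExternalOrigin)
	if err != nil || base.Scheme == "" || base.Host == "" {
		return "", "", errors.New("ExternalOrigin must be an absolute origin such as https://login.example.com")
	}
	untrusted := ""
	if fwd := forwardedHost(r); fwd != "" {
		if trustedHost(cfg, fwd) {
			base.Host = fwd
		} else {
			untrusted = fwd // link still uses the configured host
		}
	}
	base.Path = "/password/reset"
	base.RawQuery = url.Values{"code": {code}}.Encode()
	return base.String(), untrusted, nil
}

func trustedHost(cfg ResetLinkConfig, host string) bool {
	for _, h := range cfg.TrustedHosts {
		if strings.EqualFold(h, host) {
			return true
		}
	}
	return false
}

func main() {
	cfg := ResetLinkConfig{
		ExternalOrigin: "https://login.example.com",
		TrustedHosts:   []string{"login.example.com", "auth.example.com"},
	}
	// Constructed request: the client supplies a host of its own choosing.
	r := httptest.NewRequest(http.MethodPost, "/password/reset/request", nil)
	r.Header.Set("X-Forwarded-Host", "untrusted.invalid")
	fmt.Println("vulnerable:", vulnerableResetLink(r, "s3cret"))
	link, untrusted, _ := hardenedResetLink(cfg, r, "s3cret")
	fmt.Println("hardened:  ", link, "(ignored forwarded host:", untrusted+")")
}
```

The `untrusted` return value is the detection hook: a password-reset request whose forwarded host is not on the allowlist is worth an alert, because a correctly configured proxy never sends one.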

Affected (7 ranges)

Vendor     | Product            | Version range                                      | Fixed in
github.com | zitadel_zitadel    | >= 0 < 1.80.0-v2.20.0.20251208091519-4c879b47334e  | 1.80.0-v2.20.0.20251208091519-4c879b47334e
github.com | zitadel_zitadel    | 1.83.4 – 1.87.5                                    |
github.com | zitadel_zitadel    | >= 1.83.4                                          |
github.com | zitadel_zitadel    | >= 4.0.0-rc.1 < 4.7.1                              | 4.7.1
github.com | zitadel_zitadel_v2 | >= 0 < 1.80.0-v2.20.0.20251208091519-4c879b47334e  | 1.80.0-v2.20.0.20251208091519-4c879b47334e
zitadel    | zitadel            |                                                    |
zitadel    | zitadel            | >= 4.0.0 < 4.7.1                                   | 4.7.1