What is CVE-2026-34442?

CVE-2026-34442 is a medium-severity vulnerability in Freescout-help-desk Freescout, classified under Improper Input Validation. CVSS score: 5.4/10. Published 2026-03-31.

How severe is CVE-2026-34442?

Medium severity. CVSS v3 base score is 5.4 out of 10.

Open Redirect in Freescout-help-desk Freescout

CVE-2026-34442

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.211, host header manipulation in FreeScout version (http://localhost:8080/system/status) allows an attacker to inject an arbitrary doma…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.001 (29.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.4 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N.

Affected products

Freescout-help-desk Freescout — versions < 1.8.211

Weakness classification (CWE)

References

https://github.com/freescout-help-desk/freescout/security/advisories/GHSA-822g-7rw5-53xj (x_refsource_CONFIRM)
https://github.com/freescout-help-desk/freescout/commit/889d75c8e3c15e6a7ddb6a4d4f65cc0379c29213 (x_refsource_MISC)
https://github.com/freescout-help-desk/freescout/releases/tag/1.8.211 (x_refsource_MISC)

Frequently asked questions

What is CVE-2026-34442?: CVE-2026-34442 is a medium-severity vulnerability in Freescout-help-desk Freescout, classified under Improper Input Validation. CVSS score: 5.4/10. Published 2026-03-31.
How severe is CVE-2026-34442?: Medium severity. CVSS v3 base score is 5.4 out of 10.