A vulnerability, which was classified as problematic , has been found in lemonldap-ng up to 2.23.0 . Impacted is an unknown function in the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm of the component SAML Common Domain Cookie Endpoint . Performing a manipulation of the argument url results in open redirect. This vulnerability is reported as CVE-2026-12804 . The attack is possible to be carried out remotely. Moreover, an exploit is present. The vendor was contacted early about thi