CWE-601 — URL Redirection to Untrusted Site (Open Redirect)
1,358 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE.
CVEs classified under CWE-601 (page 26 of 28)
- CVE-2026-10856 | MEDIUM | CVSS 5.1 | EG 5.1 | 2026-06-04
  A URL validation flaw in the MISP dashboard button widget allowed a crafted relative-looking URL to be accepted as a local path while being interpreted by browsers as an external URL. The validation rejected URLs containing an explicit sch…
- CVE-2026-10861 | MEDIUM | CVSS 5.1 | EG 5.1 | 2026-06-04
  An open redirect vulnerability existed in MISP UsersController::routeafterlogin() because the value stored in the pre_login_requested_url session key was used as the post-login redirect destination without sufficiently enforcing that it wa…
- CVE-2026-1406 | LOW | CVSS 3.5 | EG 3.5 | 2026-01-25
  A vulnerability was determined in lcg0124 BootDo up to 5ccd963c74058036b466e038cff37de4056c1600. Affected by this vulnerability is the function redirectToLogin of the file AccessControlFilter.java of the component Host Header Handler. This…
- CVE-2026-1970 | LOW | CVSS 3.5 | EG 3.5 | 2026-02-05
  A flaw has been found in Edimax BR-6258n up to 1.18. This issue affects the function formStaDrvSetup of the file /goform/formStaDrvSetup. This manipulation of the argument submit-url causes open redirect. The attack can be initiated remote…
- CVE-2026-20060 | MEDIUM | CVSS 4.7 | EG 4.7 | 2026-04-15
  A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP r…
- CVE-2026-20123 | MEDIUM | CVSS 4.3 | EG 4.3 | 2026-02-04
  A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This v…
- CVE-2026-20994 | MEDIUM | CVSS 6.1 | EG 6.9 | 2026-03-16
  URL redirection in Samsung Account prior to version 15.5.01.1 allows local attackers to potentially get access token.
- CVE-2026-2153 | MEDIUM | CVSS 4.3 | EG 4.3 | 2026-02-08
  A vulnerability was determined in mwielgoszewski doorman up to 0.6. This issue affects the function is_safe_url of the file doorman/users/views.py. Executing a manipulation of the argument Next can lead to open redirect. The attack may be …
- CVE-2026-21741 | LOW | CVSS 2.4 | EG 2.4 | 2026-04-14
  A URL Redirection to Untrusted Site ('Open Redirect') vulnerability [CWE-601] in Fortinet FortiNAC-F 7.6.0 through 7.6.5, FortiNAC-F 7.4 all versions, FortiNAC-F 7.2 all versions may allow a remote privileged attacker with s…
- CVE-2026-21879 | MEDIUM | CVSS 4.7 | EG 4.7 | 2026-01-08
  Kanboard is project management software focused on Kanban methodology. Versions 1.2.48 and below are vulnerable to an Open Redirect attack that allows malicious actors to redirect authenticated users to attacker-controlled websites. By cra…
- CVE-2026-22032 | MEDIUM | CVSS 4.3 | EG 4.3 | 2026-01-08
  Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 11.14.0, an open redirect vulnerability exists in the Directus SAML authentication callback endpoint. During SAML authentication, the `RelayS…
- CVE-2026-22560 | MEDIUM | CVSS 5.3 | EG 5.3 | 2026-04-10
  An open redirect vulnerability in Rocket.Chat versions prior to 8.4.0 allows users to be redirected to arbitrary URLs by manipulating parameters within a SAML endpoint.
- CVE-2026-22912 | MEDIUM | CVSS 4.3 | EG 4.3 | 2026-01-15
  Improper validation of a login parameter may allow attackers to redirect users to malicious websites after authentication. This can lead to various risks, including stealing credentials from unsuspecting users.
- CVE-2026-23726 | MEDIUM | CVSS 6.1 | EG 6.1 | 2026-01-16
  WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combin…
- CVE-2026-23727 | MEDIUM | CVSS 6.1 | EG 6.1 | 2026-01-16
  WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combin…
- CVE-2026-23728 | MEDIUM | CVSS 6.1 | EG 6.1 | 2026-01-16
  WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combin…
- CVE-2026-23729 | MEDIUM | CVSS 6.1 | EG 6.1 | 2026-01-16
  WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combin…
- CVE-2026-23730 | MEDIUM | CVSS 6.1 | EG 6.1 | 2026-01-16
  WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combin…
- CVE-2026-2376 | MEDIUM | CVSS 4.9 | EG 4.9 | 2026-03-12
  A flaw was found in mirror-registry where an authenticated user can trick the system into accessing unintended internal or restricted systems by providing malicious web addresses. When the application processes these addresses, it automa…
- CVE-2026-23818 | HIGH | CVSS 8.8 | EG 8.8 | 2026-04-07
  A vulnerability has been identified in the graphical user interface (GUI) of HPE Aruba Networking Private 5G Core On-Prem that could allow an attacker to abuse an open redirect vulnerability in the login flow using a crafted URL. Successfu…
- CVE-2026-24052 | HIGH | CVSS 7.4 | EG 7.4 | 2026-02-03
  Claude Code is an agentic coding tool. Prior to version 1.0.111, Claude Code contained insufficient URL validation in its trusted domain verification mechanism for WebFetch requests. The application used a startsWith() function to validate…
- CVE-2026-24323 | MEDIUM | CVSS 6.1 | EG 6.1 | 2026-02-10
  The BSP applications allow an unauthenticated user to inject malicious script content via user-controlled URL parameters that are not sufficiently sanitized. When a victim accesses a crafted URL, the injected script is executed in the vict…
- CVE-2026-24328 | MEDIUM | CVSS 6.1 | EG 6.1 | 2026-02-10
  SAP TAF_APPLAUNCHER within Business Server Pages allows an unauthenticated attacker to craft malicious links that, when clicked by a victim, redirect them to attacker-controlled sites, potentially exposing or altering sensitive information in…
- CVE-2026-2475 | LOW | CVSS 3.1 | EG 3.1 | 2026-04-01
  IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 could allow a r…
- CVE-2026-24768 | MEDIUM | CVSS 6.1 | EG 6.1 | 2026-01-28
  NocoDB is software for building databases as spreadsheets. Prior to version 0.301.0, an unvalidated redirect (open redirect) vulnerability exists in NocoDB's login flow due to missing validation of the `continueAfterSignIn` parameter. Du…
- CVE-2026-25149 | MEDIUM | CVSS 6.1 | EG 6.1 | 2026-02-03
  Qwik is a performance-focused JavaScript framework. Prior to version 1.19.0, an Open Redirect vulnerability in Qwik City's default request handler middleware allows a remote attacker to redirect users to arbitrary protocol-relative URLs. S…
- CVE-2026-25198 | MEDIUM | CVSS 4.7 | EG 4.7 | 2026-02-05
  web2py versions 2.27.1-stable+timestamp.2023.11.16.08.03.57 and prior contain an open redirect vulnerability. If this vulnerability is exploited, the user may be redirected to an arbitrary website when accessing a specially crafted URL. As…
- CVE-2026-25651 | MEDIUM | CVSS 6.1 | EG 6.1 | 2026-02-06
  client-certificate-auth is middleware for Node.js implementing client SSL certificate authentication/authorization. Versions 0.2.1 and 0.3.0 of client-certificate-auth contain an open redirect vulnerability. The middleware unconditionally …
- CVE-2026-25854 | MEDIUM | CVSS 6.1 | EG 6.1 | 2026-04-09
  Occasional URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache Tomcat via the LoadBalancerDrainingValve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M1 through 10.1.52, from 9.0.0.…
- CVE-2026-25956 | MEDIUM | CVSS 6.1 | EG 6.1 | 2026-02-10
  Frappe is a full-stack web application framework. Prior to 14.99.14 and 15.94.0, an attacker could craft a malicious signup URL for a Frappe site which could lead to an open redirect (or reflected XSS, depending on the crafted payload) whe…
- CVE-2026-26003 | MEDIUM | CVSS 5.4 | EG 5.4 | 2026-02-10
  FastGPT is an AI Agent building platform. From 4.14.0 to 4.14.5, attackers can directly access the plugin system through FastGPT/api/plugin/xxx without authentication, thereby threatening the plugin system. This may cause the plugin system…
- CVE-2026-2813 | MEDIUM | CVSS 4.7 | EG 4.7 | 2026-05-20
  ArcGIS Server contains an input validation weakness in the login redirection workflow. An authenticated attacker could exploit this issue by sending a specially crafted request. Successful exploitation may result in the application redirec…
- CVE-2026-30346 | MEDIUM | CVSS 4.3 | EG 4.3 | 2026-04-27
  An open redirect in the /api/google/authorize endpoint of hunvreus DevPush v0.3.2 allows attackers to redirect users to malicious sites via supplying a crafted URL.
- CVE-2026-32932 | MEDIUM | CVSS 4.7 | EG 4.7 | 2026-04-10
  Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Open Redirect vulnerability in the session course edit page allows an attacker to redirect an authenticated administrator to an arbitrary external URL after s…
- CVE-2026-33102 | CRITICAL | CVSS 9.3 | EG 9.3 | 2026-04-23
  URL redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.
- CVE-2026-3318 | MEDIUM | CVSS 5.3 | EG 5.3 | 2026-05-08
  Open redirection vulnerability in the latest demo version of the Cradle eCommerce platform. The vulnerability occurs in the login form endpoint, where the 'returnUrl' parameter allows redirection because the web application accepts a U…
- CVE-2026-33510 | HIGH | CVSS 8.8 | EG 8.8 | 2026-04-06
  Homarr is an open-source dashboard. Prior to 1.57.0, a DOM-based Cross-Site Scripting (XSS) vulnerability has been discovered in Homarr's /auth/login page. The application improperly trusts a URL parameter (callbackUrl), which is passed to…
- CVE-2026-33709 | MEDIUM | CVSS 6.1 | EG 6.1 | 2026-04-03
  JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to version 5.4.4, an open redirect vulnerability in JupyterHub allows attackers to construct links which, when clicked, take users to the Jup…
- CVE-2026-34083 | MEDIUM | CVSS 6.1 | EG 6.1 | 2026-04-02
  Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.24.0, SignalK Server contains a code-level vulnerability in its OIDC login and logout handlers where the unvalidated HTTP Host header is used …
- CVE-2026-34257 | MEDIUM | CVSS 6.1 | EG 6.1 | 2026-04-14
  Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, could redirect them to a page controlled by the attacker. This caus…
- CVE-2026-34283 | MEDIUM | CVSS 6.1 | EG 6.1 | 2026-04-21
  Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware (component: Identity Console). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated a…
- CVE-2026-34284 | MEDIUM | CVSS 6.1 | EG 6.1 | 2026-04-21
  Vulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware (component: Human workflow 11g+). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allo…
- CVE-2026-34315 | MEDIUM | CVSS 6.5 | EG 6.5 | 2026-04-21
  Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allow…
- CVE-2026-34847 | MEDIUM | CVSS 4.7 | EG 4.7 | 2026-04-02
  hoppscotch is an open source API development ecosystem. Prior to version 2026.3.0, the /enter page contains a DOM-based open redirect vulnerability. The redirect query parameter is directly used to construct a URL and redirect the user wit…
- CVE-2026-34931 | CRITICAL | CVSS 9.6 | EG 9.6 | 2026-04-02
  hoppscotch is an open source API development ecosystem. Prior to version 2026.3.0, there is an open redirect vulnerability that leads to token exfiltration. With these tokens, the attacker can sign in as the victim to take over their accoun…
- CVE-2026-35253 | MEDIUM | CVSS 4.7 | EG 4.7 | 2026-05-06
  Vulnerability in the Oracle Macoron Tool product of Oracle Open Source Projects. The supported version that is affected is v0.22.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromis…
- CVE-2026-35396 | MEDIUM | CVSS 6.1 | EG 6.1 | 2026-04-06
  WeGIA is a web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combin…
- CVE-2026-35398 | MEDIUM | CVSS 6.1 | EG 6.1 | 2026-04-06
  WeGIA is a web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combin…
- CVE-2026-35404 | MEDIUM | CVSS 4.7 | EG 4.7 | 2026-04-06
  Open edX Platform enables the authoring and delivery of online learning at any scale. The view_survey endpoint accepts a redirect_url GET parameter that is passed directly to HttpResponseRedirect() without any URL validation. When a non-ex…
- CVE-2026-35410 | MEDIUM | CVSS 6.1 | EG 6.1 | 2026-04-06
  Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, an open redirect vulnerability exists in the login redirection logic. The isLoginRedirectAllowed function fails to correctly identify certai…