CVE Catalog

CVE-2026-41479

MediumCVSS 5.4
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.16%

6th percentile — higher than 6% of all known CVEs

Summary

The Authlib library before versions 1.6.10 and 1.7.1 contains an unauthenticated open redirect vulnerability in the OAuth 2.0 authorization endpoint. By sending a request with an unsupported response_type and an attacker-controlled redirect_uri, an HTTP 302 response redirecting to an arbitrary URL can be obtained.

Risk Assessment

An attacker can exploit this vulnerability for phishing or social engineering, redirecting users to malicious sites without needing a valid client registration, authentication, or any prior state.

Recommendation

Immediately update the Authlib library to version 1.6.10 or 1.7.1, which contain the fix for this vulnerability.

Original NVD description (English source)

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to 1.6.10 and 1.7.1, Authlib's OAuth 2.0 authorization endpoint can be turned into an unauthenticated open redirect when a request uses an unsupported response_type and supplies an attacker-controlled redirect_uri. The vulnerable behavior happens before client lookup and before any redirect URI validation. As a result, an attacker does not need a valid client registration, an authenticated user, or any prior state. A single request to the authorization endpoint is enough to obtain a 302 Location response to an arbitrary attacker-controlled URL. This vulnerability is fixed in 1.6.10 and 1.7.1.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS