CVE-2026-41226
An open redirect vulnerability exists in multiple laser printers and MFPs which implement Ricoh Web Image Monitor. When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack...
PT-2026-36045
Name of the Vulnerable Software and Affected Versions: Ricoh Web Image Monitor (affected versions not specified). Description: An open redirect issue exists in multiple laser printers and MFPs implementing Ricoh Web Image Monitor. By accessing a specially crafted URL, a user can be redirected to an...
CVE-2026-33205
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.6.0, a Server-Side Request Forgery vulnerability in the background-image endpoint of calibre e-book reader's web view allows an attacker to perform blind GET requests to arbitra...
Open Redirect
Overview: Affected versions of this package are vulnerable to Open Redirect via the preventopenredirect function. An attacker can cause users to be redirected to arbitrary external websites by tricking them into clicking on specially crafted URLs. Remediation: A fix was pushed into the master branc...
CVE-2019-25282
Summary of CVE-2019-25282 (V-SOL GPON/EPON OLT Platform): The issue is an open redirect vulnerability in the bindProfile.html script of V-SOL GPON/EPON OLT Platform, affecting versions 2.03 and 2.03.62R IPv6. The root cause is improper validation of the GET parameter named parent, allowing an att...
CVE-2025-15112
Ksenia Security Lares 4.0 Home Automation 1.6 contains a URL redirection vulnerability in the cmdOk.xml script. The issue arises from accepting and manipulating the redirectPage GET parameter, enabling an attacker to craft links that redirect authenticated users to arbitrary websites when the use...
CVE-2025-34504
KodExplorer 4.52 contains an open redirect vulnerability in the user login page that allows attackers to manipulate the 'link' parameter. Attackers can craft malicious URLs in the link parameter to redirect users to arbitrary external websites after authentication...
CVE-2025-34504 KodExplorer 4.52 Open Redirect Vulnerability via User Login Endpoint
KodExplorer 4.52 contains an open redirect vulnerability in the user login page that allows attackers to manipulate the 'link' parameter. Attackers can craft malicious URLs in the link parameter to redirect users to arbitrary external websites after authentication...
CVE-2025-34504
CVE-2025-34504 affects KodExplorer 4.52. The vulnerability is an open redirect on the user login page where the attacker-controlled link parameter can redirect authenticated users to arbitrary external sites. Root cause: improper validation of the login URL’s link parameter. Impact: potential cre...
EUVD-2025-199977
Open redirect in the web server component of MiR Robot and Fleet software allows a remote attacker to redirect users to arbitrary external websites via a crafted parameter, facilitating phishing or social engineering attacks...
GHSA-PFRV-63W8-Q7RQ Byaidu PDFMathTranslate vulnerable to open redirect
An open redirect vulnerability exists in Byaidu PDFMathTranslate v1.9.9 that allows attackers to craft URLs that cause the application to redirect users to arbitrary external websites via the file parameter to the /gradioapi endpoint. This vulnerability could be exploited for phishing attacks or ...
EUVD-2023-32494
Malicious code in bioql PyPI...
EUVD-2023-0102
Malicious code in bioql PyPI...
CVE-2025-57872
There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks...
CVE-2025-57872
The CVE-2025-57872 entry concerns Esri Portal for ArcGIS 11.4 and earlier, which contains an unvalidated redirect vulnerability. An unauthenticated remote attacker could craft a URL that redirects victims to an attacker‑controlled site, potentially enabling phishing. Public details across sources...
CVE-2025-57879 BUG-000171009 - URL manipulation vulnerability in Portal for ArcGIS.
There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks...
PT-2025-39865
Name of the Vulnerable Software and Affected Versions: Esri Portal for ArcGIS versions 11.4 and below. Description: An unvalidated redirect issue exists in Esri Portal for ArcGIS. A remote, unauthenticated attacker can create a malicious URL that redirects a user to an arbitrary website, potentially...
CVE-2025-41408
Improper authorization in the handler for a custom URL scheme in the "Yahoo! Shopping" App for Android versions prior to 14.15.0 allows a remote unauthenticated attacker to lead a user to access an arbitrary website on the vulnerable App. As a result, the user may become a victim of a phishing attac...
Akinsoft QR Menü Open Redirect Vulnerability
Akinsoft QR Menü is a digitized QR code menu system from Akinsoft Turkey. An open redirection vulnerability exists in Akinsoft QR Menü versions prior to s1.05.05 to v1.05.12. The vulnerability stems from the system's failure to reasonably handle target jumps, which can be exploited by an attacker...
Linux Distros Unpatched Vulnerability : CVE-2022-3381
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting from 10.0 to 15.7.8, 15.8 prior to 15.8.4 and 15.9 prior to 15.9.2. A crafted URL could b...