CVE-2025-59426 (GCVE-0-2025-59426)
Vulnerability from cvelistv5
Published
2025-09-25 14:00
Modified
2025-09-25 14:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Summary
Lobe Chat is an open-source artificial intelligence chat framework. Prior to version 1.130.1, the project's OIDC redirect handling logic constructs the host and protocol of the final redirect URL based on the X-Forwarded-Host or Host headers and the X-Forwarded-Proto value. In deployments where a reverse proxy forwards client-supplied X-Forwarded-* headers to the origin as-is, or where the origin trusts them without validation, an attacker can inject an arbitrary host and trigger an open redirect that sends users to a malicious domain. This issue has been patched in version 1.130.1.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59426",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-25T14:18:07.599744Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T14:18:27.175Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/lobehub/lobe-chat/security/advisories/GHSA-xph5-278p-26qx"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "lobe-chat",
"vendor": "lobehub",
"versions": [
{
"status": "affected",
"version": "\u003c 1.130.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Lobe Chat is an open-source artificial intelligence chat framework. Prior to version 1.130.1, the project\u0027s OIDC redirect handling logic constructs the host and protocol of the final redirect URL based on the X-Forwarded-Host or Host headers and the X-Forwarded-Proto value. In deployments where a reverse proxy forwards client-supplied X-Forwarded-* headers to the origin as-is, or where the origin trusts them without validation, an attacker can inject an arbitrary host and trigger an open redirect that sends users to a malicious domain. This issue has been patched in version 1.130.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T14:00:09.629Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/lobehub/lobe-chat/security/advisories/GHSA-xph5-278p-26qx",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/lobehub/lobe-chat/security/advisories/GHSA-xph5-278p-26qx"
},
{
"name": "https://github.com/lobehub/lobe-chat/commit/70f52a3c1fadbd41a9db0e699d1e44d9965de445",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/lobehub/lobe-chat/commit/70f52a3c1fadbd41a9db0e699d1e44d9965de445"
},
{
"name": "https://github.com/lobehub/lobe-chat/blob/aa841a3879c30142720485182ad62aa0dbd74edc/src/app/(backend)/oidc/consent/route.ts#L113-L127",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/lobehub/lobe-chat/blob/aa841a3879c30142720485182ad62aa0dbd74edc/src/app/(backend)/oidc/consent/route.ts#L113-L127"
}
],
"source": {
"advisory": "GHSA-xph5-278p-26qx",
"discovery": "UNKNOWN"
},
"title": "lobe-chat has an Open Redirect"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-59426",
"datePublished": "2025-09-25T14:00:09.629Z",
"dateReserved": "2025-09-15T19:13:16.905Z",
"dateUpdated": "2025-09-25T14:18:27.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-59426\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-09-25T14:15:45.930\",\"lastModified\":\"2025-09-26T14:32:53.583\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Lobe Chat is an open-source artificial intelligence chat framework. Prior to version 1.130.1, the project\u0027s OIDC redirect handling logic constructs the host and protocol of the final redirect URL based on the X-Forwarded-Host or Host headers and the X-Forwarded-Proto value. In deployments where a reverse proxy forwards client-supplied X-Forwarded-* headers to the origin as-is, or where the origin trusts them without validation, an attacker can inject an arbitrary host and trigger an open redirect that sends users to a malicious domain. This issue has been patched in version 1.130.1.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-601\"}]}],\"references\":[{\"url\":\"https://github.com/lobehub/lobe-chat/blob/aa841a3879c30142720485182ad62aa0dbd74edc/src/app/(backend)/oidc/consent/route.ts#L113-L127\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/lobehub/lobe-chat/commit/70f52a3c1fadbd41a9db0e699d1e44d9965de445\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-xph5-278p-26qx\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-xph5-278p-26qx\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-59426\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-09-25T14:18:07.599744Z\"}}}], \"references\": [{\"url\": \"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-xph5-278p-26qx\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-09-25T14:18:20.239Z\"}}], \"cna\": {\"title\": \"lobe-chat has an Open Redirect\", \"source\": {\"advisory\": \"GHSA-xph5-278p-26qx\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"lobehub\", \"product\": \"lobe-chat\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.130.1\"}]}], \"references\": [{\"url\": \"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-xph5-278p-26qx\", \"name\": \"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-xph5-278p-26qx\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/lobehub/lobe-chat/commit/70f52a3c1fadbd41a9db0e699d1e44d9965de445\", \"name\": \"https://github.com/lobehub/lobe-chat/commit/70f52a3c1fadbd41a9db0e699d1e44d9965de445\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/lobehub/lobe-chat/blob/aa841a3879c30142720485182ad62aa0dbd74edc/src/app/(backend)/oidc/consent/route.ts#L113-L127\", \"name\": \"https://github.com/lobehub/lobe-chat/blob/aa841a3879c30142720485182ad62aa0dbd74edc/src/app/(backend)/oidc/consent/route.ts#L113-L127\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Lobe Chat is an open-source artificial intelligence chat framework. Prior to version 1.130.1, the project\u0027s OIDC redirect handling logic constructs the host and protocol of the final redirect URL based on the X-Forwarded-Host or Host headers and the X-Forwarded-Proto value. In deployments where a reverse proxy forwards client-supplied X-Forwarded-* headers to the origin as-is, or where the origin trusts them without validation, an attacker can inject an arbitrary host and trigger an open redirect that sends users to a malicious domain. This issue has been patched in version 1.130.1.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-601\", \"description\": \"CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-09-25T14:00:09.629Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-59426\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-09-25T14:18:27.175Z\", \"dateReserved\": \"2025-09-15T19:13:16.905Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-09-25T14:00:09.629Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
fkie_cve-2025-59426
Vulnerability from fkie_nvd
Published
2025-09-25 14:15
Modified
2025-09-26 14:32
Severity ?
Summary
Lobe Chat is an open-source artificial intelligence chat framework. Prior to version 1.130.1, the project's OIDC redirect handling logic constructs the host and protocol of the final redirect URL based on the X-Forwarded-Host or Host headers and the X-Forwarded-Proto value. In deployments where a reverse proxy forwards client-supplied X-Forwarded-* headers to the origin as-is, or where the origin trusts them without validation, an attacker can inject an arbitrary host and trigger an open redirect that sends users to a malicious domain. This issue has been patched in version 1.130.1.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Lobe Chat is an open-source artificial intelligence chat framework. Prior to version 1.130.1, the project\u0027s OIDC redirect handling logic constructs the host and protocol of the final redirect URL based on the X-Forwarded-Host or Host headers and the X-Forwarded-Proto value. In deployments where a reverse proxy forwards client-supplied X-Forwarded-* headers to the origin as-is, or where the origin trusts them without validation, an attacker can inject an arbitrary host and trigger an open redirect that sends users to a malicious domain. This issue has been patched in version 1.130.1."
}
],
"id": "CVE-2025-59426",
"lastModified": "2025-09-26T14:32:53.583",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2025-09-25T14:15:45.930",
"references": [
{
"source": "security-advisories@github.com",
"url": "https://github.com/lobehub/lobe-chat/blob/aa841a3879c30142720485182ad62aa0dbd74edc/src/app/(backend)/oidc/consent/route.ts#L113-L127"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/lobehub/lobe-chat/commit/70f52a3c1fadbd41a9db0e699d1e44d9965de445"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/lobehub/lobe-chat/security/advisories/GHSA-xph5-278p-26qx"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"url": "https://github.com/lobehub/lobe-chat/security/advisories/GHSA-xph5-278p-26qx"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
ghsa-xph5-278p-26qx
Vulnerability from github
Published
2025-09-24 21:34
Modified
2025-09-26 16:28
Severity ?
VLAI Severity ?
Summary
lobe-chat has an Open Redirect
Details
Description
Vulnerability Overview
The project's OIDC redirect handling logic constructs the host and protocol of the final redirect URL based on the X-Forwarded-Host or Host headers and the X-Forwarded-Proto value. In deployments where a reverse proxy forwards client-supplied X-Forwarded-* headers to the origin as-is, or where the origin trusts them without validation, an attacker can inject an arbitrary host and trigger an open redirect that sends users to a malicious domain.
Vulnerable Code Analysis
```bash const internalRedirectUrlString = await oidcService.getInteractionResult(uid, result); log('OIDC Provider internal redirect URL string: %s', internalRedirectUrlString);
let finalRedirectUrl; try { finalRedirectUrl = correctOIDCUrl(request, new URL(internalRedirectUrlString)); } catch { finalRedirectUrl = new URL(internalRedirectUrlString); log('Warning: Could not parse redirect URL, using as-is: %s', internalRedirectUrlString); }
return NextResponse.redirect(finalRedirectUrl, { headers: request.headers, status: 303, }); ```
https://github.com/lobehub/lobe-chat/blob/aa841a3879c30142720485182ad62aa0dbd74edc/src/app/(backend)/oidc/consent/route.ts#L113-L127
PoC
curl Example
bash
curl -i 'http://localhost:3210/oidc/callback/desktop?code=abc&state=test123' \
-H 'X-Forwarded-Host: google.com' \
-H 'X-Forwarded-Proto: https'
Impact
- It can force users to redirect to untrusted external domains, leading to subsequent attacks such as phishing, credential harvesting, and session fixation.
- It can disrupt the OAuth/OIDC flow user experience by redirecting users to malicious domains disguised as legitimate pages (even though this path doesn't directly include tokens, it can be exploited for social engineering attacks through redirect chains).
- The impact can be amplified when redirect chains are combined with other vulnerabilities such as CSP bypass or cache poisoning.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "@lobehub/chat"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.130.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-59426"
],
"database_specific": {
"cwe_ids": [
"CWE-601"
],
"github_reviewed": true,
"github_reviewed_at": "2025-09-24T21:34:10Z",
"nvd_published_at": "2025-09-25T14:15:45Z",
"severity": "MODERATE"
},
"details": "### **Description**\n\n---\n\n\u003e Vulnerability Overview\n\u003e \n\nThe project\u0027s OIDC redirect handling logic constructs the host and protocol of the final redirect URL based on the X-Forwarded-Host or Host headers and the X-Forwarded-Proto value. In deployments where a reverse proxy forwards client-supplied X-Forwarded-* headers to the origin as-is, or where the origin trusts them without validation, an attacker can inject an arbitrary host and trigger an open redirect that sends users to a malicious domain.\n\n\u003e Vulnerable Code Analysis\n\u003e \n\n```bash\nconst internalRedirectUrlString = await oidcService.getInteractionResult(uid, result);\nlog(\u0027OIDC Provider internal redirect URL string: %s\u0027, internalRedirectUrlString);\n\nlet finalRedirectUrl;\ntry {\n finalRedirectUrl = correctOIDCUrl(request, new URL(internalRedirectUrlString));\n} catch {\n finalRedirectUrl = new URL(internalRedirectUrlString);\n log(\u0027Warning: Could not parse redirect URL, using as-is: %s\u0027, internalRedirectUrlString);\n}\n\nreturn NextResponse.redirect(finalRedirectUrl, {\n headers: request.headers,\n status: 303,\n});\n```\n\nhttps://github.com/lobehub/lobe-chat/blob/aa841a3879c30142720485182ad62aa0dbd74edc/src/app/(backend)/oidc/consent/route.ts#L113-L127\n\n### PoC\n\n---\n\n\u003e curl Example\n\u003e \n\n```bash\ncurl -i \u0027http://localhost:3210/oidc/callback/desktop?code=abc\u0026state=test123\u0027 \\\n -H \u0027X-Forwarded-Host: google.com\u0027 \\\n -H \u0027X-Forwarded-Proto: https\u0027\n```\n\n\u003cimg width=\"1504\" height=\"304\" alt=\"image\" src=\"https://github.com/user-attachments/assets/b71d937d-7be2-49db-8f3d-e07371912800\" /\u003e\n\n\n### Impact\n\n---\n\n- It can force users to redirect to untrusted external domains, leading to subsequent attacks such as phishing, credential harvesting, and session fixation.\n- It can disrupt the OAuth/OIDC flow user experience by redirecting users to malicious domains disguised as legitimate pages (even though this path doesn\u0027t directly include tokens, it can be exploited for social engineering attacks through redirect chains).\n- The impact can be amplified when redirect chains are combined with other vulnerabilities such as CSP bypass or cache poisoning.",
"id": "GHSA-xph5-278p-26qx",
"modified": "2025-09-26T16:28:58Z",
"published": "2025-09-24T21:34:10Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/lobehub/lobe-chat/security/advisories/GHSA-xph5-278p-26qx"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59426"
},
{
"type": "WEB",
"url": "https://github.com/lobehub/lobe-chat/commit/70f52a3c1fadbd41a9db0e699d1e44d9965de445"
},
{
"type": "PACKAGE",
"url": "https://github.com/lobehub/lobe-chat"
},
{
"type": "WEB",
"url": "https://github.com/lobehub/lobe-chat/blob/aa841a3879c30142720485182ad62aa0dbd74edc/src/app/(backend)/oidc/consent/route.ts#L113-L127"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "lobe-chat has an Open Redirect"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…