CVE-2026-44681
MEDIUMAuthlib: Open Redirect in Authlib OIDC Implicit/Hybrid Authorization
Title source: cnaDescription
Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to 1.6.12 and 1.7.1, an unauthenticated open redirect in Authlib's OpenIDImplicitGrant and OpenIDHybridGrant authorization endpoint lets a remote attacker cause the authorization server to issue an HTTP 302 to an attacker-chosen URL by submitting an authorization request that omits the openid scope. This vulnerability is fixed in 1.6.12 and 1.7.1.
References (1)
Core 1
Core References
X_Refsource_Confirm x_refsource_confirm
https://github.com/authlib/authlib/security/advisories/GHSA-r95x-qfjj-fjj2
Scores
CVSS v3
6.1
EPSS
0.0018
EPSS Percentile
7.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-601
CWE-863
Status
published
Products (5)
authlib/authlib
1.7.0
authlib/authlib
< 1.6.12 (2 CPE variants)
authlib/authlib
>= 1.7.0, < 1.7.1
pypi/authlib
0 - 1.6.12PyPI
pypi/authlib
1.7.0 - 1.7.1PyPI
Published
May 27, 2026
Tracked Since
May 28, 2026