CVE-2026-28301

Summary

A vulnerability in which an attacker can provide a crafted external URL that may redirect a user to an unintended website.

Affected Software

VendorProductVersion RangeStatus
SolarWindsObservability Self-Hosted2026.1 and previous versionsaffected

Weaknesses

  • CWE-601: CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References