CVE-2026-53523: CWE-601: URL Redirection to Untrusted Site ('Open Redirect') in nezhahq nezha
Nezha Monitoring versions from 1.0.0 up to but not including 2.2.0 contain an open redirect vulnerability due to improper validation of the Host header in the OAuth2 callback URL construction. This allows an attacker to manipulate the Host header to redirect users to untrusted sites. The issue has been fixed in version 2.2.0.
AI Analysis
Technical Summary
CVE-2026-53523 describes an open redirect vulnerability (CWE-601) in Nezha Monitoring, a self-hostable monitoring tool. The vulnerability exists in the getRedirectURL function within oauth2.go (lines 22-29), where the OAuth2 callback URL is constructed by concatenating the request's Host header with a fixed path without validating the Host header. This lack of validation enables host header injection, allowing attackers to redirect users to arbitrary external URLs. The vulnerability affects versions from 1.0.0 up to but not including 2.2.0 and has been patched in version 2.2.0.
Potential Impact
Successful exploitation can lead to users being redirected to malicious external sites, potentially facilitating phishing or other social engineering attacks. The CVSS 3.1 score is 6.8 (medium severity) reflecting network attack vector, high impact on confidentiality and integrity, but requiring user interaction and high attack complexity.
Mitigation Recommendations
Upgrade Nezha Monitoring to version 2.2.0 or later, where the vulnerability has been patched. No other official remediation or temporary fixes are documented. Patch status is confirmed by the vendor advisory stating the fix in 2.2.0.
CVE-2026-53523: CWE-601: URL Redirection to Untrusted Site ('Open Redirect') in nezhahq nezha
Description
Nezha Monitoring versions from 1.0.0 up to but not including 2.2.0 contain an open redirect vulnerability due to improper validation of the Host header in the OAuth2 callback URL construction. This allows an attacker to manipulate the Host header to redirect users to untrusted sites. The issue has been fixed in version 2.2.0.
CVSS v3.1
Score 6.8medium
Affected software
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-53523 describes an open redirect vulnerability (CWE-601) in Nezha Monitoring, a self-hostable monitoring tool. The vulnerability exists in the getRedirectURL function within oauth2.go (lines 22-29), where the OAuth2 callback URL is constructed by concatenating the request's Host header with a fixed path without validating the Host header. This lack of validation enables host header injection, allowing attackers to redirect users to arbitrary external URLs. The vulnerability affects versions from 1.0.0 up to but not including 2.2.0 and has been patched in version 2.2.0.
Potential Impact
Successful exploitation can lead to users being redirected to malicious external sites, potentially facilitating phishing or other social engineering attacks. The CVSS 3.1 score is 6.8 (medium severity) reflecting network attack vector, high impact on confidentiality and integrity, but requiring user interaction and high attack complexity.
Mitigation Recommendations
Upgrade Nezha Monitoring to version 2.2.0 or later, where the vulnerability has been patched. No other official remediation or temporary fixes are documented. Patch status is confirmed by the vendor advisory stating the fix in 2.2.0.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-06-09T17:30:33.456Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a2c7c93e617e2d834c6c820
Added to database: 6/12/2026, 9:39:31 PM
Last enriched: 6/12/2026, 9:55:10 PM
Last updated: 6/12/2026, 10:45:40 PM
Views: 6
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.