Vulnerability Database

321,672

Total vulnerabilities in the database

CVE-2026-25198

web2py versions 2.27.1-stable+timestamp.2023.11.16.08.03.57 and prior contain an open redirect vulnerability. If this vulnerability is exploited, the user may be redirected to an arbitrary website when accessing a specially crafted URL. As a result, the user may become a victim of a phishing attack.

Published: Feb 5, 2026
Updated: Feb 6, 2026
CVE: CVE-2026-25198
Exploit:

No technical information available.

CWEs:

CWE-601

Affected Software
References

No affected software listed.

https://github.com/web2py/web2py/commit/b4e1ddbd6d40fb30863f6263a67bcdf411a0c6df
https://github.com/web2py/web2py/releases
https://jvn.jp/en/jp/JVN46925341/
https://web2py.com/

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo