URL Redirection Vulnerability in SolarWinds Orion Platform
CVE-2026-28301

4.8MEDIUM

Key Information:

Vendor

Solarwinds

Vendor
CVE Published:
9 June 2026

What is CVE-2026-28301?

A vulnerability exists in the SolarWinds Orion Platform that enables attackers to craft malicious external URLs. This weakens security measures by potentially redirecting users to unintended or harmful websites, posing risks to data integrity and user privacy. Security best practices and updates are crucial to mitigate exploitation.

Affected Version(s)

Observability Self-Hosted 2026.1 and previous versions

References

CVSS V3.1

Score:
4.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.