SolarWinds Observability Self-Hosted Open Redirect Vulnerability (CVE-2026-28301)

Summary

A vulnerability in which an attacker can provide a crafted external URL that may redirect a user to an unintended website.


Affected Products

SolarWinds Observability Self-Hosted 2026.1.1 and below


Fixed Software Release

SolarWinds Observability Self-Hosted 2026.2

Advisory Details
Severity

4.8 Medium

Advisory ID

CVE-2026-28301

First Published

06/09/2026

Fixed Version

SolarWinds Observability Self-Hosted 2026.2

CVSS Score

CVSS:4.8/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Download PDF
Send an Email