Vulnerability in Browser-use
CVE-2025-47241
In browser-use (aka Browser Use) before 0.1.45, URL parsing of allowed_domains is mishandled because userinfo can be placed in the authority component.
EPSS: 0.002 (40.2th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 4.0 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N.
Affected products
- Browser-use — versions 0
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2025-47241?
- CVE-2025-47241 is a medium-severity vulnerability in Browser-use, classified under CWE-647. CVSS score: 4.0/10. Published 2025-05-03.
- How severe is CVE-2025-47241?
- Medium severity. CVSS v3 base score is 4.0 out of 10.