Open Redirect in Better-auth

CVE-2025-53535

Better Auth is an authentication and authorization library for TypeScript. An open redirect has been found in the originCheck middleware function, which affects the following routes: /verify-email, /reset-password/:token, /delete-user/call…

Vulnerability class: Open Redirect

EPSS: 0.003 (25.2th percentile)
