Open Redirect in Withastro Astro

CVE-2025-55207

Astro is a web framework for content-driven websites. Following CVE-2025-54793, there's still an Open Redirect vulnerability in a subset of Astro deployment scenarios prior to version 9.4.1. Astro 5.12.8 addressed CVE-2025-54793 where https…

Vulnerability class: Open Redirect

EPSS: 0.005 (41.0th percentile)

Affected products

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2025-55207?
CVE-2025-55207 is a vulnerability in Withastro Astro, classified under URL Redirection to Untrusted Site (Open Redirect). It was published on 2025-08-15.
Is CVE-2025-55207 known to be exploited?
1 public proof-of-concept repository is indexed. It is not currently listed in the CISA KEV catalog.