Open Redirect in go-chi/chi allows attackers to redirect users to malicious sites

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

4.7

Open Redirect in go-chi/chi allows attackers to redirect users to malicious sites

CVE-2025-69725

Summary

The go-chi/chi library has a security issue that could allow attackers to trick users into visiting fake websites by manipulating URLs. This could potentially lead to phishing or other types of malicious activity. To stay safe, update to a newer version of go-chi/chi or consider using a different library.

Original title

An Open Redirect vulnerability in the go-chi/chi >=5.2.2 RedirectSlashes function allows remote attackers to redirect victim users to malicious websites using the legitimate website domain.

Original description

An Open Redirect vulnerability in the go-chi/chi >=5.2.2 RedirectSlashes function allows remote attackers to redirect victim users to malicious websites using the legitimate website domain.

nvd CVSS3.1 4.7

Vulnerability type

CWE-601 Open Redirect

Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026