HIGH 7.5

CVE-2026-47265: AIOHTTP Cookie Leak on Cross-Origin Redirects (CVSS 7.5)

AIOHTTP, a popular Python framework for building asynchronous web applications, has a cookie-handling vulnerability that can leak sensitive data during cross-origin redirects. When developers attach cookies directly to individual requests using the `cookies` parameter, those cookies are transmitted to redirect destinations across different origins—a behavior that violates the same-origin principle. An attacker who can trigger a redirect to a malicious domain they control could intercept authentication tokens, session IDs, or other sensitive cookie data. The issue affects all versions prior to 3.14.0 and is now patched.

Source data · NVD / CISA · public domain

CVSS
3.1 · 7.5 HIGH · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Weaknesses (CWE)
CWE-346
Affected products
1 configuration(s)
Published / Modified
2026-06-02 / 2026-06-17

NVD description (verbatim)

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.14.0, cookies set with the `cookies` parameter on requests are sent after following a cross-origin redirect. If a developer uses the `cookies` parameter on a per-request basis then sensitive data might be leaked to an attacker if they manage to control a redirect. Version 3.14.0 patches the issue. If unable to upgrade, using a `Cookie` header in the `headers` parameter is not vulnerable.

2 reference(s) · View on NVD →

SEC.co analysis · AI-assisted, reviewed against source

Technical summary

CVE-2026-47265 concerns improper cookie transmission in AIOHTTP's redirect handling. The vulnerability stems from the framework forwarding cookies set via the per-request `cookies` parameter when following HTTP redirects to different origins. This violates secure cookie policy, which dictates that cookies should generally remain confined to their originating domain. The attack surface is cross-origin: if an attacker controls a redirect target URL or can manipulate a redirect response, they can observe cookies intended only for the original request domain. The CVSS 3.1 score of 7.5 (HIGH) reflects the high-confidence confidentiality impact without requiring authentication or user interaction, though integrity and availability remain unaffected. The vulnerability is categorized under CWE-346 (Origin Validation Error).

Business impact

Organizations using AIOHTTP to build services that authenticate users or handle sensitive session data face exposure of authentication credentials to attacker-controlled domains. The practical impact depends on deployment architecture: services that make cross-origin API calls with per-request cookie authentication are at highest risk. Compromised cookies could enable session hijacking, unauthorized API calls, or lateral movement within multi-tenant systems. The risk is particularly acute in microservices environments where internal service-to-service calls might unknowingly traverse untrusted redirect chains. Any SaaS platform or internal tool relying on AIOHTTP's cookie handling should treat this as a priority security event.

Affected systems

The vulnerability affects AIOHTTP versions prior to 3.14.0. Any Python application using AIOHTTP as an HTTP client that passes cookies via the `cookies` parameter on individual requests is potentially affected. The issue does not affect applications that manage cookies exclusively through the `Cookie` header in the `headers` parameter, providing a mitigation path for those unable to upgrade immediately. Applications not using request-level cookie parameters are unaffected.

Exploitability

The vulnerability has a low barrier to exploitation. An attacker requires network positioning to observe or influence redirect targets—typically achievable through DNS hijacking, BGP hijacking, or control of a legitimate redirect destination. No authentication or special privileges are required to trigger the vulnerability; a simple malicious redirect URL suffices. However, the attack requires either developer misconfiguration (using cross-origin redirects with cookies) or active attacker intervention in the redirect chain. The public availability of AIOHTTP code means the attack vector is well-understood by determined threat actors. Notably, this vulnerability is not currently tracked in the CISA Known Exploited Vulnerabilities (KEV) catalog.

Remediation

Upgrade AIOHTTP to version 3.14.0 or later as soon as feasible. For teams unable to upgrade immediately, refactor cookie handling to use the `Cookie` header within the `headers` parameter instead of the `cookies` parameter; this approach is not vulnerable to the redirect issue. Additionally, implement strict redirect validation policies to prevent unexpected cross-origin redirects, and consider leveraging AIOHTTP's connector settings to disable automatic redirects if your application logic does not require them. Review all code that uses the `cookies` parameter with external or user-controlled redirect destinations.

Patch guidance

Upgrade AIOHTTP to version 3.14.0 or later. Check your dependency management tool (pip, poetry, pipenv) for the latest release and test in a staging environment before production deployment. Review release notes for any breaking changes or deprecations. For Python environments using pinned dependencies, update your requirements files and run your full test suite prior to rollout. Monitor AIOHTTP's GitHub repository for any post-release security advisories.

Detection guidance

Review your application logs and network telemetry for cross-origin redirect requests that carry cookies set via AIOHTTP's `cookies` parameter. Check for POST or GET requests that originate from your infrastructure and redirect to external or unexpected domains, particularly those with credentials in the request. Monitor for unusual access patterns from known-good services accessing third-party URLs. Examine AIOHTTP dependency versions in your codebase using `pip show aiohttp` or your package manager's audit features. Implement alerting on redirect chains that cross domain boundaries and carry authentication headers or cookies.

Why prioritize this

This vulnerability warrants urgent attention due to its HIGH CVSS score (7.5), straightforward exploitability via network-based manipulation, and potential for widespread credential compromise. Organizations should prioritize patching production AIOHTTP deployments, especially those in security-sensitive roles (authentication services, API gateways, data processors). The ease of exploitation combined with the high confidentiality impact makes this a candidate for rapid remediation timelines. While not yet in the KEV catalog, the attack vector is clear and likely to attract threat actor interest if not addressed quickly.

Risk score, explained

The CVSS 3.1 score of 7.5 reflects: (1) network-based attack vector requiring no special privileges or user interaction; (2) low attack complexity—the vulnerability is triggered by normal redirect behavior; (3) high confidentiality impact, as sensitive cookies and authentication tokens can be exfiltrated; and (4) no integrity or availability impact, keeping the severity from reaching critical levels. The score appropriately captures a well-understood, remotely exploitable vulnerability with serious confidentiality implications but limited scope.

Frequently asked questions

Does this vulnerability affect applications using cookies set in the browser or via Set-Cookie headers?

No. The vulnerability specifically targets cookies attached via AIOHTTP's per-request `cookies` parameter in the Python client code. Cookies set via Set-Cookie headers or stored in browser sessions are not affected by this flaw. The issue is specific to server-side AIOHTTP code making HTTP requests with cookies.

If we use AIOHTTP only as a server (not as a client), are we affected?

If your application uses AIOHTTP only to handle incoming HTTP requests and does not make outbound HTTP requests to other services, you are not affected. The vulnerability exists in AIOHTTP's client-side redirect handling. Server-only deployments can deprioritize this patch, though staying current with security releases is always advisable.

What is the mitigation if we cannot upgrade immediately?

Replace instances of `aiohttp_session.get(url, cookies=my_cookies)` with `aiohttp_session.get(url, headers={'Cookie': 'key=value'})`. This approach does not transmit cookies across redirects to different origins. Additionally, disable automatic redirects where feasible using connector configuration, or implement explicit redirect validation logic that prevents cross-origin hops.

Could an internal attacker exploit this, or is it only external?

An attacker does not need to be external to the network. Any actor who can influence a redirect destination—whether via DNS compromise, network interception, or by compromising an upstream service that issues redirects—can exploit this. Internal network compromise or misconfigured internal services could also serve as exploitation vectors.

This analysis is based on publicly available information as of the publication date and represents our expert assessment of the vulnerability. Patch versions and compatibility should be verified against the official AIOHTTP advisory and your specific environment. This vulnerability is not currently listed in the CISA Known Exploited Vulnerabilities catalog as of the source data date. Always test patches in a staging environment before production deployment. SEC.co makes no warranty regarding the completeness or accuracy of future exploit development or threat actor adoption. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).