PT-2025-28223 · Unknown · Better Auth

Imenyoo2 +1 · Published 2025-07-07 · Updated 2025-07-07 · CVE-2025-53535

CVSS v4.0: 5.3 (Medium)

Vector: AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: Better Auth versions prior to 1.2.10
Description: An open redirect issue has been found in the originCheck middleware function of Better Auth, an authentication and authorization library for TypeScript. The affected routes include "/verify-email", "/reset-password/:token", "/delete-user/callback", "/magic-link/verify", and "/oauth-proxy-callback".
Recommendations: For versions prior to 1.2.10, update to version 1.2.10 to resolve the issue. As a temporary workaround, consider restricting access to the affected routes until the update can be applied.

Exploit

Fix

Open Redirect

Weakness Enumeration

Related Identifiers

CVE-2025-53535
GHSA-36RG-GFQ2-3H56

Affected Products

Better Auth