Home > Vulnerability Database > CVE-2025-50736

Mend.io Vulnerability Database

CVE-2025-50736

Good to know:

Date: October 29, 2025

An open redirect vulnerability exists in Byaidu PDFMathTranslate v1.9.9 that allows attackers to craft URLs that cause the application to redirect users to arbitrary external websites via the file parameter to the /gradio_api endpoint. This vulnerability could be exploited for phishing attacks or to bypass security filters.

Severity Score

6.1

Related Resources (7)

Url: https://github.com/Byaidu/PDFMathTranslate

Url: https://github.com/fai1424/Vulnerability-Research/tree/main/CVE-2025-50736

Url: https://pdf2zh.com/

Url: https://pdf2zh.com

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-50736

Url: https://hackmd.io/@fai1424/SJz7ttVWxe

Url: https://www.mend.io/vulnerability-database/CVE-2025-50736

Severity Score

6.1

Weakness Type (CWE)

URL Redirection to Untrusted Site ('Open Redirect')

CWE-601

CVSS v3.1

Base Score:	6.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	CHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2025-50736

Good to know:

Date: October 29, 2025

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?