
Security researchers from ARIMLABS.AI have disclosed a serious vulnerability in the Browser Use project—a tool that provides browser automation capabilities for AI agents. Tracked as CVE-2025-47241, the flaw carries a CVSS score of 9.3 and allows attackers to bypass domain whitelisting protections by embedding a decoy domain in the HTTP authentication username portion of a URL.
The core of the issue lies in the allowed_domains list of the BrowserContextConfig class, which is intended to act as a whitelist of the hosts an agent may visit. The list is configured when the browser context is initialized and is meant to restrict every subsequent navigation, but researchers at ARIMLABS.AI found that the check enforcing it can be bypassed. The vulnerability resides in the _is_url_allowed() method.
According to the advisory, “The core issue stems from the line domain = domain.split(':')[0], which allows an attacker to manipulate basic authentication credentials by providing a username:password pair.” The check keeps only the text before the first colon of the URL's authority section, intending to strip a port number. When the authority carries credentials in the form username:password@host:port, that text is the username rather than the host, so an attacker who sets the username to a whitelisted domain passes the check while the real destination host is never examined.
The advisory provides a clear proof of concept (PoC). With allowed_domains set to ['example.com'] and the URL https://example.com:pass@localhost:8080, the split yields example.com, which is the username, so the check succeeds; the browser then connects to localhost on port 8080, an internal service the whitelist was supposed to block. The same trick works for any host or internal address an attacker can name in the URL.
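To make the mechanism concrete, here is an added example written for this article; it is not code from the Browser Use project or from the ARIMLABS.AI advisory. The vulnerable function is a hypothetical reconstruction based only on the split-on-colon line the advisory quotes, and the hardened function is one reasonable repair, not a claim about what version 0.1.45 actually changed. The allowlist and sample URLs are constructed for the demonstration.

```python
from __future__ import annotations

from urllib.parse import urlsplit

# Constructed sample data for this example: the advisory's PoC URL plus a few
# ordinary URLs that a whitelist of ['example.com'] should accept or reject.
ALLOWED_DOMAINS = ["example.com"]
SAMPLE_URLS = [
    "https://example.com:pass@localhost:8080",  # the advisory's PoC
    "https://www.example.com/login",             # legitimate subdomain
    "https://example.com:443/",                  # legitimate explicit port
    "https://example.com.evil.test/",            # lookalike, must be rejected
    "https://localhost:8080/",                   # internal host, must be rejected
]


def _matches_allowlist(host: str, allowed_domains: list[str]) -> bool:
    """Exact match or subdomain of an allowed domain (case-insensitive).

    The leading dot in the suffix test keeps 'example.com.evil.test' and
    'notexample.com' from matching 'example.com'.
    """
    host = host.lower().rstrip(".")
    return any(host == d.lower() or host.endswith("." + d.lower()) for d in allowed_domains)


def is_url_allowed_vulnerable(url: str, allowed_domains: list[str]) -> bool:
    """Hypothetical reconstruction of the flawed check as the advisory describes it.

    Not the project's own code. It takes the URL authority (netloc) and keeps only
    the text before the first colon, intending to strip a port. When the authority
    carries credentials (user:pass@host:port) that text is the username, not the host.
    """
    if not allowed_domains:
        return True
    netloc = urlsplit(url).netloc.lower()
    domain = netloc.split(":")[0]  # the offending line quoted by the advisory
    return _matches_allowlist(domain, allowed_domains)


def is_url_allowed_fixed(url: str, allowed_domains: list[str]) -> bool:
    """Hardened check (an example fix, not necessarily the one shipped in 0.1.45).

    Uses the parser's hostname property, which already discards userinfo, the port
    and IPv6 brackets, and refuses any URL that embeds credentials at all, so the
    host being compared is the host the browser will actually connect to.
    """
    if not allowed_domains:
        return True
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False
    if parts.username is not None or parts.password is not None:
        return False  # an automation agent has no reason to send URL credentials; refuse
    host = parts.hostname
    if not host:
        return False
    return _matches_allowlist(host, allowed_domains)


def compare(urls: list[str], allowed_domains: list[str]) -> list[tuple[str, bool, bool]]:
    """Return (url, vulnerable_verdict, fixed_verdict) for each URL."""
    return [
        (u, is_url_allowed_vulnerable(u, allowed_domains), is_url_allowed_fixed(u, allowed_domains))
        for u in urls
    ]


if __name__ == "__main__":
    for url, vuln, fixed in compare(SAMPLE_URLS, ALLOWED_DOMAINS):
        print(f"{url:45} vulnerable={vuln!s:5} fixed={fixed!s:5}")
```

Run as a script, the PoC URL is the only row where the two verdicts disagree: the reconstructed check accepts it because the split returns the username example.com, while the hardened check rejects it because the parsed hostname is localhost and the URL carries credentials. The other rows show that the repair does not break legitimate subdomains or explicit ports, and that the dot-prefixed suffix test still rejects lookalike domains.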
The implications of this vulnerability are significant. As the advisory states, it affects “all users relying on this functionality for security” and creates the “potential for unauthorized enumeration of localhost services and internal networks.” Furthermore, it grants the “ability to bypass domain whitelisting, leading to unauthorized browsing.”
The vulnerability affects all versions of the Browser Use module up to and including 0.1.44. Users are urged to update to the patched version, 0.1.45, immediately to mitigate the risk.