CVE-2026-5623 | hcengineering Huly Platform 0.7.382 Import Endpoint index.ts server-side request forgery

Inserito da Angelo Barbosa | Apr 5, 2026 | CVE

A vulnerability categorized as critical has been discovered in hcengineering Huly Platform 0.7.382. This affects an unknown part of the file server/front/src/index.ts of the component Import Endpoint. Such manipulation leads to server-side request forgery.

This vulnerability is uniquely identified as CVE-2026-5623. The attack can be launched remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-5623 | hcengineering Huly Platform 0.7.382 Import Endpoint index.ts server-side request forgery

Post correlati

CVE-2024-31352 | Email Subscribers & Newsletters Plugin up to 5.7.13 on WordPress authorization

CVE-2024-57936 | Linux Kernel up to 6.12.8 bnxt_re stack-based overflow

CVE-2024-1956 | WP-FeedStats wpb-show-core Plugin up to 2.6 on WordPress the cross site scripting

CVE-2024-46632 | Open Asset Import Library Assimp 5.4.3 LoadMD5MeshFile buffer overflow