CVE-2026-42591 | Gotenberg up to 8.31.x LibreOffice Conversion Endpoint convert server-side request forgery (GHSA-rm4c-xj6x-49mw)

Inserito da Angelo Barbosa | Mag 14, 2026 | CVE

A vulnerability was found in Gotenberg up to 8.31.x and classified as critical. The impacted element is an unknown function in the library /forms/libreoffice/convert of the component LibreOffice Conversion Endpoint. Such manipulation leads to server-side request forgery.

This vulnerability is referenced as CVE-2026-42591. It is possible to launch the attack remotely. No exploit is available.

It is suggested to upgrade the affected component.

CVE-2026-42591 | Gotenberg up to 8.31.x LibreOffice Conversion Endpoint convert server-side request forgery (GHSA-rm4c-xj6x-49mw)

Post correlati

CVE-2024-34035 | O-RAN Near Realtime RIC – H-Release sim-e2-interface/e2mgr denial of service

CVE-2025-53236 | AndonDesign UDesign Core Plugin up to 4.14.0 on WordPress authorization

CVE-2021-27795 | Brocade Fabric OS risky encryption

CVE-2024-54227 | theDotstore Minimum and Maximum Quantity for WooCommerce Plugin authorization