CVE-2026-50552 | Koel up to 9.7.0 Radio Station Creation Endpoint /api/radio/stations url server-side request forgery (GHSA-jr4p-4xjh-fwvw)

Inserito da Angelo Barbosa | Giu 12, 2026 | CVE

A vulnerability was found in Koel up to 9.7.0. It has been rated as critical. This affects an unknown part of the file /api/radio/stations of the component Radio Station Creation Endpoint. Performing a manipulation of the argument url results in server-side request forgery.

This vulnerability was named CVE-2026-50552. The attack may be initiated remotely. There is no available exploit.

Upgrading the affected component is advised.

CVE-2026-50552 | Koel up to 9.7.0 Radio Station Creation Endpoint /api/radio/stations url server-side request forgery (GHSA-jr4p-4xjh-fwvw)

Post correlati

CVE-2026-39852 | io.quarkus:quarkus-vertx-http HTTP Request /api/admin authorization

CVE-2026-5806 | code-projects Easy Blog Site 1.0 /posts/update.php postTitle cross site scripting

CVE-2025-1388 | Learning Digital Orca HCM up to 10.x unrestricted upload

CVE-2025-0462 | Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0 searchcontent sql injection