CVE-2026-48736 | Symfony IpUtils::PRIVATE_SUBNETS server-side request forgery

Inserito da Angelo Barbosa | Giu 16, 2026 | CVE

A vulnerability categorized as critical has been discovered in Symfony. The impacted element is the function IpUtils::PRIVATE_SUBNETS. Such manipulation leads to server-side request forgery.

This vulnerability is documented as CVE-2026-48736. The attack can be executed remotely. There is not any exploit available.

It is advisable to upgrade the affected component.

CVE-2026-48736 | Symfony IpUtils::PRIVATE_SUBNETS server-side request forgery

Post correlati

CVE-2026-25579 | Navidrome up to 0.59.x /rest/getCoverArt size resource consumption (GHSA-hrr4-3wgr-68×3)

CVE-2024-38176 | Microsoft GroupMe excessive authentication

CVE-2024-20794 | Adobe Animate up to 23.0.4/24.0.1 null pointer dereference (apsb24-26)

CVE-2025-66151 | merkulove Countdowner for Elementor Plugin up to 1.0.4 on WordPress authorization