CVE-2026-27479 | ellite Wallos up to 4.6.0 getLogoFromUrl server-side request forgery (GHSA-fgmf-7g5v-jmjg)

Inserito da Angelo Barbosa | Feb 21, 2026 | CVE

A vulnerability identified as critical has been detected in ellite Wallos up to 4.6.0. This issue affects the function getLogoFromUrl. Performing a manipulation results in server-side request forgery.

This vulnerability is reported as CVE-2026-27479. The attack is possible to be carried out remotely. No exploit exists.

You should upgrade the affected component.

CVE-2026-27479 | ellite Wallos up to 4.6.0 getLogoFromUrl server-side request forgery (GHSA-fgmf-7g5v-jmjg)

Post correlati

CVE-2024-4549 | Delta Electronics DIAEnergie up to 1.10.1.8610 ICS Restart CEBC.exe denial of service

CVE-2024-13151 | Logo Retail Sales Management up to 20250918 authorization bypass through user-controlled sql primary key

CVE-2024-49906 | Linux Kernel up to 6.11.2 AMD Display pipe_ctx->plane_state null pointer dereference (2002ccb93004/1b686053c06f)

CVE-2024-37665 | Wvp GB28181 Pro 2.0 HTTP POST Request access control