CVE-2026-30834 | PinchTab up to 0.7.6 Internal Network Service /download server-side request forgery

Inserito da Angelo Barbosa | Mar 7, 2026 | CVE

A vulnerability, which was classified as critical, has been found in PinchTab up to 0.7.6. Affected by this vulnerability is an unknown functionality of the file /download of the component Internal Network Service Handler. The manipulation leads to server-side request forgery.

This vulnerability is traded as CVE-2026-30834. It is possible to initiate the attack remotely. There is no exploit available.

It is advisable to upgrade the affected component.

CVE-2026-30834 | PinchTab up to 0.7.6 Internal Network Service /download server-side request forgery

Post correlati

CVE-2024-7654 | Progress OpenEdge up to 11.7.18/12.2.14/12.8.1 ActiveMQ Discovery Service cross site scripting

CVE-2024-8572 | Gouniverse GoLang CMS 1.4.0 FrontendHandler.go PageRenderHtmlByAlias alias cross site scripting

VDB-257781 | mglowinski93 FinanseWebApplication balance.php startDate/endDate sql injection

CVE-2024-4037 | WP Photo Album Plus Plugin up to 8.7.02.003 on WordPress Shortcode code injection