CVE-2026-35409 | Directus up to 11.15.x server-side request forgery

Inserito da Angelo Barbosa | Apr 6, 2026 | CVE

A vulnerability classified as critical has been found in Directus up to 11.15.x. Affected by this issue is some unknown functionality. The manipulation leads to server-side request forgery.

This vulnerability is uniquely identified as CVE-2026-35409. The attack is possible to be carried out remotely. No exploit exists.

It is recommended to upgrade the affected component.

CVE-2026-35409 | Directus up to 11.15.x server-side request forgery

Post correlati

CVE-2022-48695 | Linux Kernel up to 5.19.8 mpt3sas lib/refcount.c use after free

CVE-2025-9339 | Simple ERP up to 6.30@a04.2 Warehouse Document Filtering Form sql injection

CVE-2026-34979 | OpenPrinting CUPS up to 2.4.16 on Linux Attributes heap-based overflow

CVE-2026-33004 | LoadNinja Plugin up to 2.1 on Jenkins Job Configuration Form information disclosure