CVE-2026-40280 | gotenberg 8.1.0 webhook/downloadFrom server-side request forgery

Inserito da Angelo Barbosa | Apr 30, 2026 | CVE

A vulnerability has been found in gotenberg 8.1.0 and classified as critical. This impacts an unknown function of the component webhook/downloadFrom. This manipulation causes server-side request forgery.

This vulnerability is handled as CVE-2026-40280. The attack can be initiated remotely. There is not any exploit available.

The affected component should be upgraded.

CVE-2026-40280 | gotenberg 8.1.0 webhook/downloadFrom server-side request forgery

Post correlati

CVE-2025-23577 | Sourov Amin Word Freshener Plugin up to 1.3 on WordPress cross-site request forgery

CVE-2024-34899 | WWBN AVideo 12.4 cross site scripting

CVE-2024-10597 | ESAFENET CDG 5 PolicyActionService.java delPolicyAction id sql injection

CVE-2022-49792 | Linux Kernel up to 5.10.155/5.15.79/6.0.9 iio out-of-bounds