CVE-2026-42180 | LemmyNet lemmy up to 0.19.17 HTTP Request /api/v3/post server-side request forgery

Inserito da Angelo Barbosa | Mag 8, 2026 | CVE

A vulnerability has been found in LemmyNet lemmy up to 0.19.17 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /api/v3/post of the component HTTP Request Handler. The manipulation leads to server-side request forgery.

This vulnerability is documented as CVE-2026-42180. The attack can be initiated remotely. There is not any exploit available.

The affected component should be upgraded.

CVE-2026-42180 | LemmyNet lemmy up to 0.19.17 HTTP Request /api/v3/post server-side request forgery

Post correlati

CVE-2024-4635 | ThemeIsle Menu Icons Plugin up to 0.13.13 on WordPress SVG Upload cross site scripting

CVE-2025-43826 | Liferay Portal/DXP Web Content Translation cross site scripting

CVE-2024-52792 | LDAPAccountManager LAM up to 8.x Setting mainmanage.php external reference (GHSA-fm9w-7m7v-wxqv)

CVE-2025-1821 | zj1983 zz up to 2024-8 ZorgAction.java getUserOrgForUserId userID sql injection