CVE-2026-42591 | Gotenberg up to 8.31.x LibreOffice Conversion Endpoint convert server-side request forgery (GHSA-rm4c-xj6x-49mw)

Inserito da Angelo Barbosa | Mag 14, 2026 | CVE

A vulnerability was found in Gotenberg up to 8.31.x and classified as critical. The impacted element is an unknown function in the library /forms/libreoffice/convert of the component LibreOffice Conversion Endpoint. Such manipulation leads to server-side request forgery.

This vulnerability is referenced as CVE-2026-42591. It is possible to launch the attack remotely. No exploit is available.

It is suggested to upgrade the affected component.

CVE-2026-42591 | Gotenberg up to 8.31.x LibreOffice Conversion Endpoint convert server-side request forgery (GHSA-rm4c-xj6x-49mw)

Post correlati

CVE-2025-23859 | Joshua Wieczorek Daily Proverb Plugin up to 2.0.3 on WordPress cross site scripting

CVE-2024-23487 | Intel Server D50DNP improper authentication (intel-sa-01080)

CVE-2026-4407 | Xpdf 4.06 out-of-bounds

CVE-2025-58187 | Google Go up to 1.25.1 crypto-x509 resource consumption