CVE-2026-42596 | gotenberg 8.1.0/8.31.0 downloadFrom/webhook server-side request forgery

Inserito da Angelo Barbosa | Mag 7, 2026 | CVE

A vulnerability has been found in gotenberg 8.1.0/8.31.0 and classified as critical. Affected is the function downloadFrom/webhook. Performing a manipulation results in server-side request forgery.

This vulnerability was named CVE-2026-42596. The attack may be initiated remotely. There is no available exploit.

The affected component should be upgraded.

CVE-2026-42596 | gotenberg 8.1.0/8.31.0 downloadFrom/webhook server-side request forgery

Post correlati

CVE-2025-4389 | Crawlomatic Multipage Scraper Post Generator Plugin crawlomatic_generate_featured_image unrestricted upload

CVE-2026-3103 | Checkmk up to 2.2.0/2.3.0p42/2.4.0p22 remove_password authorization

CVE-2024-33147 | J2EEFAST 2.7.0 authRoleList sql_filter sql injection

CVE-2024-37732 | Anchor CMS 0.12.7 PDF File cross site scripting