A vulnerability was found in karakeep-app karakeep up to 0.31.x. It has been declared as critical. The impacted element is an unknown function of the component HTTP Handler. The manipulation results in server-side request forgery.
This vulnerability was named CVE-2026-45082. The attack may be performed from remote. There is no available exploit.
It is recommended to upgrade the affected component.
