CVE-2026-48858 | Erlang OTP up to 6.x PASV ftp_internal.erl server-side request forgery (GHSA-24cv-hwgr-37fq)

Inserito da Angelo Barbosa | Giu 10, 2026 | CVE

A vulnerability categorized as critical has been discovered in Erlang OTP up to 6.x. Impacted is an unknown function in the library lib/inets/src/ftp/ftp_internal.erl of the component PASV Handler. Executing a manipulation can lead to server-side request forgery.

This vulnerability is registered as CVE-2026-48858. It is possible to launch the attack remotely. No exploit is available.

It is advisable to upgrade the affected component.

CVE-2026-48858 | Erlang OTP up to 6.x PASV ftp_internal.erl server-side request forgery (GHSA-24cv-hwgr-37fq)

Post correlati

CVE-2026-0664 | wproyal Royal Addons for Elementor Plugin up to 1.7.1049 on WordPress Parameter button_text cross site scripting

CVE-2024-30104 | Microsoft unknown vulnerability

CVE-2024-36420 | FlowiseAI Flowise up to 1.4.3 openai-assistants-file fileName information disclosure (GHSL-2023-232)

CVE-2025-8511 | Portabilis i-Diario 1.5.0 Observações /diario-de-observacoes/ Descrição cross site scripting