CVE-2026-6119 | AstrBotDevs AstrBot up to 4.22.1 API Endpoint post_data.get server-side request forgery (Issue 7171)

Inserito da Angelo Barbosa | Apr 11, 2026 | CVE

A vulnerability was found in AstrBotDevs AstrBot up to 4.22.1. It has been declared as critical. The affected element is the function post_data.get of the component API Endpoint. Such manipulation leads to server-side request forgery.

This vulnerability is listed as CVE-2026-6119. The attack may be performed from remote. In addition, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-6119 | AstrBotDevs AstrBot up to 4.22.1 API Endpoint post_data.get server-side request forgery (Issue 7171)

Post correlati

CVE-2025-0367 | Splunk Supporting Add-on for Active Directory 3.1.0 redos (SVD-2025-0103)

CVE-2025-0649 | Google Tensorflow up to 2.18.0 JSON stack-based overflow

CVE-2023-51469 | Mestres do WP Checkout Mestres WP Plugin up to 7.1.9.6 on WordPress sql injection

CVE-2023-5010 | Kashipara Group Student Information System 1.0 marks.php coursecode sql injection