GHSA-cg7h-phwj-q3qc

Опубликовано: 19 фев. 2026

Источник: github

Github: Не прошло ревью

CVSS4: 6.9

CVSS3: 6.5

Описание

Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve server-side request forgery (SSRF) through the document processing functionality.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2026-26338
https://connect.hyland.com/t5/alfresco-blog/security-update-cve-2026-26337-cve-2026-26338-cve-2026-26339/ba-p/496551
https://www.hyland.com/en/solutions/products/alfresco-platform
https://www.vulncheck.com/advisories/hyland-alfresco-transformation-service-ssrf

EPSS

Процентиль: 30%

0.00114

Низкий

6.9 Medium

CVSS4

6.5 Medium

CVSS3

CVE ID

CVE-2026-26338

Дефекты

CWE-918

Связанные уязвимости

CVE-2026-26338

CVSS3: 9.8

nvd

4 месяца назад

Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve server-side request forgery (SSRF) through the document processing functionality.

EPSS

Процентиль: 30%

0.00114

Низкий

6.9 Medium

CVSS4

6.5 Medium

CVSS3

CVE ID

CVE-2026-26338

Дефекты

CWE-918