CVE-2026-47170 | Garlic-Hub manages digital signage network — devices, conten… | CVSS 7.7 HIGH

Description

Garlic-Hub manages digital signage network — devices, content, and playlists — from a single self-hosted interface. Prior to version 1.1, authenticated users can cause the server to issue arbitrary HTTP requests to internal services via the uploadFromUrl endpoint. This allows internal port scanning, service fingerprinting, and retrieval of internal HTTP responses which are stored in the publicly accessible media pool. This issue has been patched in version 1.1.

Metadata

CVE ID: CVE-2026-47170
State: PUBLISHED
Assigner: GitHub_M
Reserved: 2026-05-18 21:25 UTC
Published: 2026-06-11 18:38 UTC
Last updated: 2026-06-13 02:34 UTC
Primary CWE: CWE-918
CWE-918: Server-Side Request Forgery (SSRF)
Vendor / Product: garlic-signage / garlic-hub
Sources: cve.org · NVD

Severity & Metrics

7.7 HIGH CVSS 3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

SSVC — CISA Coordinator

Exploitation: none
Automatable: no
Tech. Impact: partial

Affected products (1)

Vendor	Product	Platform	Versions
garlic-signage	garlic-hub	—	< 1.1

Weakness (CWE)

CWE	Source	Description
CWE-918	cna	CWE-918: Server-Side Request Forgery (SSRF)

CVSS scores (1)

Score	Severity	Version	Source	Vector
7.7	HIGH	3.1	cna	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

References (2)

https://github.com/garlic-signage/garlic-hub/security/advisories/GHSA-x24v-76hr-989r https://github.com/garlic-signage/garlic-hub/security/advisories/GHSA-x24v-76hr-989r
https://github.com/garlic-signage/garlic-hub/commit/076b6d70a43d9641c35cbd8042353b473e3241f5 https://github.com/garlic-signage/garlic-hub/commit/076b6d70a43d9641c35cbd8042353b473e3241f5