Back to overview

CVE-2026-50887

Description

A Server-Side Request Forgery (SSRF) in the automatic short URL title resolution component of shlink v5.0.1 allows attackers to scan internal resources via supplying a crafted longUrl.

Metadata

CVE ID: CVE-2026-50887
State: PUBLISHED
Assigner: mitre
Reserved: 2026-06-07 00:00 UTC
Published: 2026-06-15 00:00 UTC
Last updated: 2026-06-15 18:53 UTC
Vendor / Product: n/a / n/a
Sources: cve.org · NVD

Severity & Metrics

No CVSS data available.

Affected products (1)

Vendor	Product	Platform	Versions
n/a	n/a	—	n/a

Weakness (CWE)

CWE	Source	Description
—	cna	n/a

References (1)

https://gist.github.com/pyuysig/9de95fb39eb089a4346570d791af99a6

Back to overview