CVE-2026-59707 in LocalAIinfo

Summary

by MITRE • 07/07/2026

LocalAI contains an unauthenticated server-side request forgery vulnerability in the POST /models/apply endpoint that allows attackers to fetch arbitrary internal URLs. The endpoint passes unsanitized gallery URL fields directly to gallery.GetGalleryConfigFromURLWithContext without proper validation, enabling attackers to force the server to issue HTTP GET requests to private and loopback ranges with partial response content leaked through error messages.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 07/07/2026

The vulnerability identified in LocalAI represents a critical server-side request forgery flaw that undermines the security boundaries of the application. This weakness exists within the POST /models/apply endpoint where the system fails to properly validate user-supplied gallery URL parameters before processing them. The absence of input sanitization creates an environment where malicious actors can exploit the application's trust in internal network resources. The vulnerability specifically targets the gallery.GetGalleryConfigFromURLWithContext function which receives unsanitized URLs and attempts to fetch configuration data from remote sources without adequate security controls.

The technical implementation of this vulnerability enables attackers to manipulate the application's behavior by supplying crafted URL parameters that bypass normal access controls. When the system processes these malicious inputs, it performs HTTP GET requests to internal network addresses including private IP ranges and loopback interfaces such as 127.0.0.1 or ::1. This allows threat actors to probe internal systems that would normally be isolated from external access, effectively extending their attack surface beyond what should be permissible. The partial response content leakage through error messages provides attackers with additional information about internal network structure and system responses, which can be leveraged for further reconnaissance.

The operational impact of this vulnerability is significant as it grants unauthorized access to internal network resources that are typically protected by firewall rules and network segmentation policies. Attackers can potentially discover sensitive services running on internal ports, map network topology, and identify potential targets for additional attacks. The ability to perform requests against loopback addresses means that even systems with strict external firewalls may be compromised, as the application itself becomes an unwitting proxy for internal network reconnaissance. This vulnerability essentially transforms the LocalAI server into a potential attack vector that can bypass traditional network security controls.

Security mitigations for this vulnerability should focus on implementing comprehensive input validation and sanitization for all user-supplied URL parameters. The system must enforce strict URL parsing to ensure that only legitimate external URLs are processed, rejecting any attempts to access internal network ranges or loopback addresses. Organizations should implement proper network segmentation and firewall rules that prevent the application server from accessing internal resources, while also deploying web application firewalls that can detect and block suspicious URL patterns. The solution must align with established security frameworks such as CWE-918 which categorizes server-side request forgery vulnerabilities, and should be addressed through ATT&CK technique T1071.004 for application layer protocol manipulation. Additionally, implementing proper error handling that does not leak internal system information would significantly reduce the attack surface by preventing information disclosure through error messages.

Responsible

VulnCheck

Reservation

07/06/2026

Disclosure

07/07/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

very low

Sources

Interested in the pricing of exploits?

See the underground prices here!