CVE-2026-9557 in Mautic

Summary

by MITRE • 29/05/2026

A Server-Side Request Forgery (SSRF) vulnerability exists in Mautic's Focus component. Due to insufficient validation of user-supplied URLs, an authenticated user can trigger outbound HTTP requests from the hosting server, enabling internal network reconnaissance or forcing requests to arbitrary internal or external destinations.

Responsible

Mautic

Reserved

26/05/2026

Disclosure

29/05/2026

Moderation

accepted

Entry

VDB-367171

CPE

ready

EPSS

0.00025

KEV

no

Activities

low

Sources
