CVE-2026-5936 in PDF Services APIजानकारी

सारांश

द्वारा MITRE • 13/04/2026

An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to initiate requests to arbitrary destinations. This behavior may be exploited to probe internal network services, access otherwise unreachable endpoints (e.g., cloud metadata services), or bypass network access controls, potentially leading to sensitive information disclosure and further compromise of the internal environment.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

जिम्मेदार

Foxit

आरक्षित करना

09/04/2026

प्रकटीकरण

13/04/2026

संयम

स्वीकृत

प्रविष्टि

VDB-357097

CPE

तैयार

CWE

CWE-918 (पुष्टि की गई)

CVSS

8.5 (CNA)

EPSS

0.00036

KEV

नहीं

गतिविधियाँ

बहुत कम

क्षेत्र

Energy, Transportation, ...

स्रोत

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-5936
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-5936
CVE Details	https://www.cvedetails.com/cve/CVE-2026-5936/

◂ पिछला सिंहावलोकन अगला ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!