CVE-2026-30834 in PinchTab정보

요약

\~에 의해 MITRE • 2026. 03. 07.

PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. Prior to version 0.7.7, a Server-Side Request Forgery (SSRF) vulnerability in the /download endpoint allows any user with API access to induce the PinchTab server to make requests to arbitrary URLs, including internal network services and local system files, and exfiltrate the full response content. This issue has been patched in version 0.7.7.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

책임이 있는

GitHub M

예약하다

2026. 03. 05.

공개

2026. 03. 07.

모더레이션

수락

항목

VDB-349680

CPE

준비됨

CWE

CWE-918 (확인됨)

CVSS

7.5 (CNA)

EPSS

0.00021

KEV

아니요

활동

매우 낮음

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-30834
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-30834
CVE Details	https://www.cvedetails.com/cve/CVE-2026-30834/

◂ 이전 개요 다음 ▸

Do you know our Splunk app?

Download it now for free!