CVE-2026-36759 - Halo SSRF Vulnerability
CVE ID :CVE-2026-36759 Published : April 30, 2026, 4:16 p.m. | 25 minutes ago Description :A Server-Side Request Forgery (SSRF) in the /themes/{name}/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request. Severity: 0.0
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] After dissing Anthropic for limiting Mythos, OpenAI restricts access to Cyber, too
- [CYBER] New Bluekit phishing service includes an AI assistant, 40 templates
- [CYBER] Anthropic Unveils Claude Security to Counter AI-Powered Exploit Surge
- [CYBER] AI Fuels ‘Industrial’ Cybercrime as Time-to-Exploit Shrinks to Hours
- [CYBER] Whats the general consensus on all of these ID verification laws/implementations?
- [CYBER] Copy Fail: New Linux bug enables Root via page‑cache corruption