CVE-2026-25123

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-25123
Homarr is an open-source dashboard. Prior to 1.52.0, a public (unauthenticated) tRPC endpoint widget.app.ping accepts an arbitrary url and performs a server-side request to that URL. This allows an unauthenticated attacker to trigger outbound HTTP requests from the Homarr server, enabling SSRF behavior and a reliable port-scanning primitive (open vs closed ports can be inferred from statusCode vs fetch failed and timing). This vulnerability is fixed in 1.52.0.

5.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://github.com/homarr-labs/homarr/security/advisories/GHSA-c6rh-8wj4-gv74 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:homarr:homarr:*:*:*:*:*:*:*:*
History

18 Feb 2026, 18:08

Type Values Removed Values Added
Summary
  • (es) Homarr es un panel de control de código abierto. Antes de la versión 1.52.0, un endpoint tRPC público (no autenticado) widget.app.ping acepta una URL arbitraria y realiza una solicitud del lado del servidor a esa URL. Esto permite a un atacante no autenticado activar solicitudes HTTP salientes desde el servidor de Homarr, lo que habilita el comportamiento SSRF y una primitiva fiable de escaneo de puertos (los puertos abiertos frente a los cerrados pueden inferirse del código de estado frente a la falla de la solicitud y el tiempo). Esta vulnerabilidad está corregida en la versión 1.52.0.
References () https://github.com/homarr-labs/homarr/security/advisories/GHSA-c6rh-8wj4-gv74 - () https://github.com/homarr-labs/homarr/security/advisories/GHSA-c6rh-8wj4-gv74 - Vendor Advisory
First Time Homarr
Homarr homarr
CPE cpe:2.3:a:homarr:homarr:*:*:*:*:*:*:*:*

06 Feb 2026, 22:16

Type Values Removed Values Added
New CVE
Information

Published : 2026-02-06 22:16

Updated : 2026-02-18 18:08

NVD link : CVE-2026-25123

Mitre link : CVE-2026-25123

CVE.ORG link : CVE-2026-25123

JSON object : View

Products Affected

homarr

  • homarr
CWE
CWE-918

Server-Side Request Forgery (SSRF)