CVE-2026-45082

Karakeep is a elf-hostable bookmark-everything app. A Server-Side Request Forgery (SSRF) protection bypass vulnerability was identified in versions prior to 0.32.0 affecting redirect-following processing components. Although the application implements protections intended to prevent requests toward internal/private network destinations, these protections could be bypassed through crafted HTTP redirect chains. By leveraging attacker-controlled redirects, an authenticated user could cause vulnerable application components to initiate requests toward internally reachable Docker network services accessible from the application environment. The issue affected multiple processing paths, including crawler-related functionality and video download processing flows. Version 0.32.0 contains a patch.

CVSS v3 7.6 HIGH

7.6^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 4.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://github.com/karakeep-app/karakeep/security/advisories/GHSA-g647-327m-79g9
https://github.com/karakeep-app/karakeep/security/advisories/GHSA-g647-327m-79g9

Configurations

No configuration.

History

26 May 2026, 16:16

Type	Values Removed	Values Added
References	~~() https://github.com/karakeep-app/karakeep/security/advisories/GHSA-g647-327m-79g9 -~~	() https://github.com/karakeep-app/karakeep/security/advisories/GHSA-g647-327m-79g9 -

26 May 2026, 15:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-05-26 15:16

Updated : 2026-06-17 10:51

NVD link : CVE-2026-45082

Mitre link : CVE-2026-45082

CVE.ORG link : CVE-2026-45082

JSON object : View

Products Affected

No product.

CWE

CWE-918

Server-Side Request Forgery (SSRF)

{"id": "CVE-2026-45082", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2026-45082", "role": "CISA Coordinator", "options": [{"exploitation": "poc"}, {"automatable": "no"}, {"technicalImpact": "partial"}], "version": "2.0.3", "timestamp": "2026-05-26T15:23:16.039726Z"}}], "cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 4.7, "exploitabilityScore": 2.8}]}, "affected": [{"source": "security-advisories@github.com", "affectedData": [{"vendor": "karakeep-app", "product": "karakeep", "versions": [{"status": "affected", "version": "< 0.32.0"}]}]}], "published": "2026-05-26T15:16:38.693", "references": [{"url": "https://github.com/karakeep-app/karakeep/security/advisories/GHSA-g647-327m-79g9", "source": "security-advisories@github.com"}, {"url": "https://github.com/karakeep-app/karakeep/security/advisories/GHSA-g647-327m-79g9", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-918"}]}], "descriptions": [{"lang": "en", "value": "Karakeep is a elf-hostable bookmark-everything app. A Server-Side Request Forgery (SSRF) protection bypass vulnerability was identified in versions prior to 0.32.0 affecting redirect-following processing components. Although the application implements protections intended to prevent requests toward internal/private network destinations, these protections could be bypassed through crafted HTTP redirect chains. By leveraging attacker-controlled redirects, an authenticated user could cause vulnerable application components to initiate requests toward internally reachable Docker network services accessible from the application environment. The issue affected multiple processing paths, including crawler-related functionality and video download processing flows. Version 0.32.0 contains a patch."}], "lastModified": "2026-06-17T10:51:40.313", "sourceIdentifier": "security-advisories@github.com"}