GHSA Advisory · Coordinated Disclosure

GHSA-2hch-c97c-g99x

WWBN/AVideo

SSRF Protection Bypass via HTTP Redirect & DNS Rebinding in isSSRFSafeURL() (CVE-2026-43884)

CVSS7.7

SeverityHigh

TypeGHSA

Summary

GHSA-2hch-c97c-g99x: SSRF Protection Bypass via HTTP Redirect & DNS Rebinding in isSSRFSafeURL() (CVE-2026-43884). CVSS 7.7, High severity. Reported and coordinated through the GitHub Security Advisory database.

References

GitHub Advisory DB↗ Reporter profile↗

Context

This advisory is part of coordinated disclosures alongside 23 published CVEs and 5 Linux kernel patches. For methodology see research.

disclosure contextall advisories →

advisories

All GHSAs →

coordinated security advisories

same methodology, your stack

Author

Kai Aizen

Independent offensive security researcher. 23 published CVEs, 5 Linux kernel mainline patches, creator of AATMF / P.R.O.M.P.T / SEF, author of Adversarial Minds.

about services github x linkedin researchgate