| CVE-2026-42595 |
high |
8.6 |
8.6 |
|
|
|
21d ago |
Gotenberg: Server-Side Request Forgery via Chromium URL Endpoint with Redirect-Based Deny-List Bypass |
| CVE-2026-42591 |
high |
8.2 |
8.2 |
|
|
|
21d ago |
Gotenberg has a Server-Side Request Forgery (SSRF) Issue |
| CVE-2026-42590 |
high |
8.2 |
8.2 |
|
|
|
21d ago |
Gotenberg's ExifTool group-prefix syntax bypasses dangerous-tag blocklist |
| CVE-2026-40893 |
high |
8.2 |
8.2 |
|
|
|
21d ago |
Gotenberg has an ExifTool Dangerous Tag Blocklist Bypass via Group-Prefixed Tag Names that Allows Arbitrary File Rename and Move |
| CVE-2026-42594 |
high |
7.5 |
7.5 |
|
|
|
21d ago |
Gotenberg has an unauthenticated denial of service via echo.Context pool reuse in webhook async goroutine |
| CVE-2026-40280 |
high |
7.5 |
7.5 |
|
|
|
1mo ago |
Gotenberg has case-insensitive URL scheme that bypasses webhook and downloadFrom deny-list SSRF protection |
| CVE-2026-27018 |
high |
7.5 |
7.5 |
|
|
|
2mo ago |
Gotenberg has Chromium deny-list bypass via case-insensitive URL scheme (bypass of GHSA-rh2x-ccvw-q7r3) in github.com/gotenberg/gotenberg |
| CVE-2026-39383 |
high |
7.2 |
7.2 |
|
|
|
1mo ago |
Gotenberg Vulnerable to Unauthenticated SSRF via Unfiltered Webhook URL |
| CVE-2026-42597 |
medium |
5.9 |
5.9 |
|
|
|
21d ago |
Gotenberg allows Chromium URL conversion routes to read arbitrary files under /tmp via file:// scheme |
| CVE-2026-42593 |
medium |
5.3 |
5.3 |
|
|
|
21d ago |
Gotenberg has arbitrary PDF read via stampExpression and watermarkExpression in merge, split, and convert routes |
| CVE-2026-42592 |
medium |
5.3 |
5.3 |
|
|
|
21d ago |
Gotenberg's DNS rebinding bypasses SSRF validation on Chromium URL conversion routes |
| CVE-2026-45742 |
unknown |
— |
— |
|
|
|
6d ago |
Gotenberg has a Race Condition via Multipart `downloadFrom` Handling |
| CVE-2026-45741 |
unknown |
— |
— |
|
|
|
6d ago |
Gotenberg has an SSRF deny-list bypass in IsPublicIP via IPv6 6to4 / NAT64 / site-local prefixes |
| CVE-2026-44829 |
unknown |
— |
— |
|
|
|
6d ago |
Gotenberg has path traversal in zip entry name via Windows-style separators in upload filename |
