CVE-2026-54494
MEDIUM SEVERITYVulnerability Description
Koel: Full-read SSRF via podcast enclosure URL: isPublicHost() filter_var guard does not reject NAT64 (64:ff9b::/96) or 6to4 (2002::/16) IPv6-transition wrappers of internal IPv4
Vulnerability Details
Published Date
Last Modified
Source
GitHub
Vendor
composer
Product
phanan/koel
Discussion (0)
Add Comment
No comments yet. Be the first!