CVE-2026-26338

Name of the Vulnerable Software and Affected Versions Hyland Alfresco Transformation Service (affected versions not specified)

Description An unauthenticated attacker can perform server-side request forgery (SSRF) via the document processing functionality. SSRF occurs when an application makes requests to an internal or external resource on behalf of a user, and an attacker can manipulate the request to access unintended resources.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.