CVE-2026-3270

Name of the Vulnerable Software and Affected Versions PSI Probe versions up to 5.3.0

Description A flaw exists in PSI Probe that allows for server-side request forgery. This issue stems from the lookup function within the Whois.java file, located in the psi-probe-core/src/main/java/psiprobe/tools component. The manipulation of this function can lead to unauthorized requests being made on the server. The attack can be initiated remotely. The exploit for this issue has been publicly disclosed. The vendor was notified but did not provide a response.

Recommendations Versions prior to 5.3.0 should be used.