CVE-2026-27023

Name of the Vulnerable Software and Affected Versions Twenty versions prior to 1.18

Description Twenty is an open source CRM. The software’s SSRF protection within the SecureHttpClientService did not fully validate request URLs, specifically failing to validate redirect targets. An authenticated user capable of controlling outbound request URLs, such as those used in webhooks or image URLs, could circumvent private IP blocking by redirecting requests through a server controlled by an attacker.

Recommendations Update to version 1.18 or later.