PT-2026-3248 · Hertzner+1 · Hertzner+1
Aaron Portnoy
·
Published
2026-01-16
·
Updated
2026-01-23
·
CVE-2026-0613
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
TheLibrarian (affected versions not specified)
Description
The Librarian software has an internal port scanning issue stemming from the
web fetch tool. This tool allows for Server-Side Request Forgery (SSRF)-style behavior, enabling GET requests to internal IP addresses and services. This functionality can be exploited to scan the Hertzner cloud environment used by TheLibrarian. The web fetch tool is the component directly involved in this issue.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
SSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hertzner
Thelibrarian