PT-2026-44761 · Red Hat · Quay
Osidb Bzimport · Published 2026-05-29 · Updated 2026-05-29
CVE-2026-10052
CVSS v3.1: 4.1 (Medium)
Vector: AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Quay (affected versions not specified)
Description
A flaw exists in the LDAP and SMTP validation functions of the Quay config-tool. An attacker with config editor access can exploit these functions, which establish outbound connections to user-supplied endpoints without proper IP or host filtering. This allows the attacker to perform internal network reconnaissance from the Quay pod's network position to potentially map the internal network infrastructure.
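The kind of destination filtering the description says is missing, shown as an added Go example (not code from Quay or its config-tool): before a validation probe connects, every address the host resolves to is checked against an operator allowlist and against internal and special-purpose ranges. The names `VetTarget`, `vetAddr` and `Lookup`, the policy itself and the sample host are assumptions of this example.

```go
package main

import (
	"fmt"
	"net/netip"
)

// Lookup resolves a host name; injectable so the policy runs offline.
type Lookup func(host string) ([]netip.Addr, error)

// vetAddr applies a hypothetical policy (not Quay's): operator-allowed
// prefixes pass, other internal or special-purpose ranges are refused.
func vetAddr(a netip.Addr, allow []netip.Prefix) error {
	a = a.Unmap() // treat ::ffff:10.0.0.1 as 10.0.0.1
	for _, p := range allow {
		if p.Contains(a) {
			return nil
		}
	}
	if a.IsUnspecified() || a.IsLoopback() || a.IsPrivate() ||
		a.IsLinkLocalUnicast() || a.IsMulticast() {
		return fmt.Errorf("destination %s is not permitted", a)
	}
	return nil
}

// VetTarget resolves host once, requires every answer to pass vetAddr, and
// returns the literal address to dial, so a later DNS answer cannot change
// the destination after the check.
func VetTarget(host string, port uint16, allow []netip.Prefix, lookup Lookup) (netip.AddrPort, error) {
	addrs, err := lookup(host)
	if err != nil || len(addrs) == 0 {
		return netip.AddrPort{}, fmt.Errorf("cannot resolve %q: %v", host, err)
	}
	for _, a := range addrs {
		if err := vetAddr(a, allow); err != nil {
			return netip.AddrPort{}, err
		}
	}
	return netip.AddrPortFrom(addrs[0].Unmap(), port), nil
}

func main() {
	// Constructed sample: a host name that resolves to a link-local address.
	static := func(string) ([]netip.Addr, error) {
		return []netip.Addr{netip.MustParseAddr("169.254.169.254")}, nil
	}
	_, err := VetTarget("smtp.untrusted.example", 25, nil, static)
	fmt.Println(err)
}
```

In a real service the `Lookup` would wrap `net.DefaultResolver.LookupNetIP`, and the LDAP or SMTP client would dial the returned `AddrPort` rather than the original host name.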
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
SSRF
Affected Products
Quay