CVE-2026-50887

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

A Server-Side Request Forgery (SSRF) in the automatic short URL title resolution component of shlink v5.0.1 allows attackers to scan internal resources via supplying a crafted longUrl.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2026-50887

Affected Products

Undefined

CVE-2026-50887

Related Identifiers

Affected Products

References · 2