KaizenCoders URL Shortify CVE-2026-25385
MEDIUMSeverity by source
AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Lifecycle Timeline
2DescriptionCVE.org
Server-Side Request Forgery (SSRF) vulnerability in KaizenCoders URL Shortify url-shortify allows Server Side Request Forgery.This issue affects URL Shortify: from n/a through <= 1.12.3.
AnalysisAI
KaizenCoders URL Shortify versions up to 1.12.3 contain a server-side request forgery vulnerability that allows high-privileged attackers to make arbitrary HTTP requests from the affected server without user interaction. An authenticated attacker could exploit this flaw to access internal resources, interact with backend services, or perform reconnaissance on the internal network. No patch is currently available for this vulnerability.
Technical ContextAI
Classified as CWE-918 (Server-Side Request Forgery (SSRF)). Affects KaizenCoders URL Shortify url-shortify. Server-Side Request Forgery (SSRF) vulnerability in KaizenCoders URL Shortify url-shortify allows Server Side Request Forgery.This issue affects URL Shortify: from n/a through <= 1.12.3.
Affected ProductsAI
Product: KaizenCoders URL Shortify url-shortify.
RemediationAI
Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.
Same weakness CWE-918 – Server-Side Request Forgery (SSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today