Skip to main content

KaizenCoders URL Shortify CVE-2026-25385

MEDIUM
Server-Side Request Forgery (SSRF) (CWE-918)
2026-02-19 audit@patchstack.com
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 22:03 vuln.today
CVE Published
Feb 19, 2026 - 09:16 nvd
MEDIUM 5.5

DescriptionCVE.org

Server-Side Request Forgery (SSRF) vulnerability in KaizenCoders URL Shortify url-shortify allows Server Side Request Forgery.This issue affects URL Shortify: from n/a through <= 1.12.3.

AnalysisAI

KaizenCoders URL Shortify versions up to 1.12.3 contain a server-side request forgery vulnerability that allows high-privileged attackers to make arbitrary HTTP requests from the affected server without user interaction. An authenticated attacker could exploit this flaw to access internal resources, interact with backend services, or perform reconnaissance on the internal network. No patch is currently available for this vulnerability.

Technical ContextAI

Classified as CWE-918 (Server-Side Request Forgery (SSRF)). Affects KaizenCoders URL Shortify url-shortify. Server-Side Request Forgery (SSRF) vulnerability in KaizenCoders URL Shortify url-shortify allows Server Side Request Forgery.This issue affects URL Shortify: from n/a through <= 1.12.3.

Affected ProductsAI

Product: KaizenCoders URL Shortify url-shortify.

RemediationAI

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

Share

CVE-2026-25385 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy