Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
3DescriptionGitHub Advisory
Lemmy is a link aggregator and forum for the fediverse. Prior to version 0.19.18, Lemmy fetches metadata for user-supplied post URLs and, under the default StoreLinkPreviews image mode, downloads the preview image through local pict-rs. While the top-level page URL is checked against internal IP ranges, the extracted og:image URL is not subject to the same restriction. As a result, an authenticated low-privileged user can submit an attacker-controlled public page whose Open Graph image points to an internal image endpoint. Lemmy will fetch that internal image server-side and store a local thumbnail that can then be served back to users. This issue has been patched in version 0.19.18.
AnalysisAI
Server-side request forgery (SSRF) in Lemmy prior to version 0.19.18 allows authenticated low-privileged users to bypass internal IP range restrictions and access internal image endpoints. An attacker can submit a crafted post whose Open Graph image tag points to an internal server; Lemmy will fetch and cache the image server-side, potentially exposing sensitive internal resources. The vulnerability exists because the initial page URL is validated against internal IP ranges, but the extracted og:image URL is not subject to the same restriction, creating a two-stage bypass.
Technical ContextAI
Lemmy's link preview feature automatically fetches Open Graph metadata from user-supplied post URLs to generate preview cards. The vulnerable code path in crates/api_common/src/request.rs validates the top-level post URL against internal IP ranges via fetch_link_metadata(), but after HTML parsing, extract_opengraph_data() extracts absolute og:image values without re-validating them. These unvalidated image URLs are then passed to generate_pictrs_thumbnail(), which invokes a local pict-rs image processing service with image/download?url=[UNVALIDATED_URL]. This creates a two-stage source-to-sink chain where the security boundary (internal address check) is enforced only at the first hop, allowing attackers to bypass it through a secondary resource URL embedded in Open Graph metadata. The root cause is inadequate URL validation (CWE-918: Server-Side Request Forgery) at the metadata extraction stage.
RemediationAI
Upgrade Lemmy to version 0.19.18 or later immediately. The vendor has released patched version 0.19.18 (available at https://github.com/LemmyNet/lemmy/releases/tag/0.19.18) which applies server-side URL validation to extracted og:image values in addition to the top-level page URL. For instances unable to patch immediately, mitigations include: disable the default StoreLinkPreviews feature by configuring an alternative image mode in the Lemmy settings if available; restrict post creation privileges to trusted users only, limiting who can submit external links that trigger metadata fetching; or implement network-level egress filtering rules on the instance to prevent the pict-rs service from accessing internal IP ranges (however, this requires careful configuration to avoid breaking legitimate functionality). Note that these mitigations do not eliminate the vulnerability, only reduce the attack surface. Patching is the only complete fix.
Lemmy is a link aggregator and forum for the fediverse. Rated medium severity (CVSS 6.5), this vulnerability is remotely
Server-side request forgery (SSRF) in Lemmy prior to version 0.19.18 allows authenticated low-privileged users to trigge
Same weakness CWE-918 – Server-Side Request Forgery (SSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-28820