Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
A flaw has been found in ItzCrazyKns Vane up to 1.12.1. This vulnerability affects unknown code of the file src/app/api/providers/route.ts of the component Model Provider API. This manipulation of the argument baseURL causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
AnalysisAI
Server-side request forgery (SSRF) in ItzCrazyKns Vane through version 1.12.1 enables unauthenticated remote attackers to manipulate the baseURL parameter in the Model Provider API, potentially accessing internal resources and services. The exploit has been publicly disclosed via a GitHub issue, and the CVSS temporal score indicates proof-of-concept code exists (E:P). The vendor was notified but has not yet responded or released a patch.
Technical ContextAI
Vane is affected by CWE-918 (Server-Side Request Forgery), where the application makes HTTP requests to attacker-controlled URLs without proper validation. The vulnerability resides in src/app/api/providers/route.ts, specifically in the Model Provider API endpoint. SSRF vulnerabilities allow attackers to use the vulnerable server as a proxy to access internal networks, cloud metadata services, or other restricted resources that would normally be inaccessible from the internet.
RemediationAI
No vendor-released patch identified at time of analysis. The vendor was notified via issue report but has not responded. As immediate mitigation, restrict network access to the Model Provider API endpoint, implement strict input validation for the baseURL parameter, or disable the affected API functionality if not required. Consider implementing an allowlist of permitted URLs for the baseURL parameter and deploying a web application firewall (WAF) with SSRF detection rules. Monitor for suspicious outbound requests from the Vane application server.
Same weakness CWE-918 – Server-Side Request Forgery (SSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-31586
GHSA-g5cv-p9gg-j22x