Skip to main content

Misp Modules

1 CVEs product

Monthly

CVE-2026-62143 HIGH PATCH This Week

Server-Side Request Forgery bypass in the html_to_markdown expansion module of misp-modules lets an authenticated attacker reach internal, loopback, and link-local services that the module's IP range filtering was meant to block. By supplying an IPv4-mapped IPv6 address such as http://[::ffff:169.254.169.254]/ (or a hostname resolving to one), the attacker defeats the blocked-range checks and can pull back internal content — including cloud instance metadata — rendered back to them as Markdown. No public exploit identified at time of analysis and it is not in CISA KEV, but the underlying IPv4-mapped-IPv6 filter bypass is a well-understood, easily reproduced technique.

SSRF Misp Modules
NVD GitHub
CVSS 4.0
8.3
EPSS
0.2%
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Server-Side Request Forgery bypass in the html_to_markdown expansion module of misp-modules lets an authenticated attacker reach internal, loopback, and link-local services that the module's IP range filtering was meant to block. By supplying an IPv4-mapped IPv6 address such as http://[::ffff:169.254.169.254]/ (or a hostname resolving to one), the attacker defeats the blocked-range checks and can pull back internal content — including cloud instance metadata — rendered back to them as Markdown. No public exploit identified at time of analysis and it is not in CISA KEV, but the underlying IPv4-mapped-IPv6 filter bypass is a well-understood, easily reproduced technique.

SSRF Misp Modules
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy