{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/cpes/cpe2.3alfprojectsmcp_registry/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":["cpe:2.3:a:lfprojects:mcp_registry:*:*:*:*:*:*:*:*"],"_cs_cves":[{"cvss":4,"id":"CVE-2026-44430"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["gotenberg/gotenberg/v8"],"_cs_severities":["high"],"_cs_tags":["ssrf","gotenberg","ipv6","cve-2026-45741"],"_cs_type":"advisory","_cs_vendors":["GitHub"],"content_html":"\u003cp\u003eA vulnerability exists in Gotenberg version 8 up to 8.32.0 where the \u003ccode\u003eIsPublicIP\u003c/code\u003e function within \u003ccode\u003epkg/gotenberg/outbound.go\u003c/code\u003e fails to properly classify certain IPv6 addresses, specifically those using 6to4 (RFC 3056), NAT64 (RFC 6052 \u0026amp; RFC 8215), and deprecated site-local (RFC 3879) prefixes. Due to this misclassification, addresses intended for internal or private networks are incorrectly treated as public. This flaw allows an unauthenticated attacker to bypass intended restrictions and potentially access sensitive internal resources. The vulnerability is a variant of CVE-2026-44430 and has been assigned CVE-2026-45741. This poses a risk to deployments that rely on \u003ccode\u003eWithDenyPrivateIPs(true)\u003c/code\u003e to prevent access to internal IPs, particularly when hosted in dual-stack or NAT64-enabled cloud environments.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker crafts a DNS AAAA record that resolves to an IPv6 address using a 6to4, NAT64, or site-local prefix (e.g., \u003ccode\u003e2002:a9fe:a9fe::\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eThe attacker sends a request to Gotenberg, specifying a URL with a hostname that resolves to the crafted IPv6 address.\u003c/li\u003e\n\u003cli\u003eGotenberg\u0026rsquo;s \u003ccode\u003eIsPublicIP\u003c/code\u003e function is called to validate the IP address.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eIsPublicIP\u003c/code\u003e function fails to recognize the IPv6 prefix as internal due to inadequate checks beyond \u003ccode\u003eaddr.Unmap()\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe function incorrectly classifies the IPv6 address as a public IP.\u003c/li\u003e\n\u003cli\u003eGotenberg proceeds to make an outbound HTTP request to the internal IPv4 address embedded within the IPv6 address (e.g., \u003ccode\u003e169.254.169.254\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eThe target service (e.g., AWS IMDS) responds with sensitive data such as IAM credentials.\u003c/li\u003e\n\u003cli\u003eThe Chromium URL convert route within Gotenberg returns the full response as a PDF, exfiltrating the sensitive data to the attacker (full-read SSRF).\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThis SSRF vulnerability allows an unauthenticated attacker to access internal resources, such as cloud metadata services (AWS IMDS, GCP metadata server, Azure Instance Metadata Service), and potentially leak sensitive information, including IAM credentials. This can lead to privilege escalation, data breaches, and unauthorized access to cloud resources. The vulnerability affects Gotenberg deployments configured to deny private IPs (\u003ccode\u003eWithDenyPrivateIPs(true)\u003c/code\u003e) and hosted in dual-stack or NAT64-enabled environments.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply the patch or upgrade to a version of Gotenberg greater than 8.32.0 that includes the fix for CVE-2026-45741 to mitigate the IPv6 address misclassification.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect Gotenberg SSRF Attempt via IPv6 Prefixes\u0026rdquo; to detect attempts to exploit this vulnerability by monitoring outbound requests to known internal IP ranges via IPv6 addresses with the specified prefixes.\u003c/li\u003e\n\u003cli\u003eReview and harden network configurations to prevent or limit the impact of successful SSRF attacks, even if the application-level vulnerability is present.\u003c/li\u003e\n\u003cli\u003eImplement network segmentation to limit the blast radius of any potential SSRF attack and restrict access to sensitive internal resources.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-29T16:52:16Z","date_published":"2026-05-29T16:52:16Z","id":"https://feed.craftedsignal.io/briefs/2026-05-gotenberg-ssrf/","summary":"Gotenberg's `IsPublicIP` function incorrectly classifies IPv6 6to4, NAT64, and deprecated site-local addresses as public IPs, enabling an unauthenticated attacker to reach internal destinations such as cloud metadata services.","title":"Gotenberg SSRF via IPv6 Address Confusion (CVE-2026-45741)","url":"https://feed.craftedsignal.io/briefs/2026-05-gotenberg-ssrf/"}],"language":"en","title":"CraftedSignal Threat Feed — Cpe:2.3:a:lfprojects:mcp_registry:*:*:*:*:*:*:*:*","version":"https://jsonfeed.org/version/1.1"}