{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/local-file-read/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":9.3,"id":"CVE-2026-15143"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["guardrails-detectors"],"_cs_severities":["critical"],"_cs_tags":["vulnerability","ssrf","local-file-read","info-disclosure","guardrails"],"_cs_type":"advisory","_cs_vendors":["Guardrails"],"content_html":"\u003cp\u003eA critical vulnerability, tracked as CVE-2026-15143, has been identified in the \u003ccode\u003efile_type\u003c/code\u003e content detector component of \u003ccode\u003eguardrails-detectors\u003c/code\u003e. This flaw enables a remote attacker to supply an arbitrary XML Schema Definition (XSD) string, which the affected software processes without adequate validation or restrictions. Successful exploitation of this vulnerability can result in severe consequences, including Server-Side Request Forgery (SSRF) and the ability to perform local file reads. This exposure can lead to the disclosure of highly sensitive information, such as cloud provider credentials, API keys, or proprietary data stored on the system. Furthermore, the SSRF capability could allow attackers to bypass network segmentation and gain unauthorized access to internal network services, escalating the attack to other systems within the compromised environment.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eA remote attacker crafts a malicious XML Schema Definition (XSD) string designed to trigger either Server-Side Request Forgery (SSRF) or local file read primitives.\u003c/li\u003e\n\u003cli\u003eThe attacker delivers this crafted XSD string as input to the \u003ccode\u003efile_type\u003c/code\u003e content detector within the vulnerable \u003ccode\u003eguardrails-detectors\u003c/code\u003e component.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eguardrails-detectors\u003c/code\u003e component processes the arbitrary XSD string without proper restrictions, enabling the embedded malicious directives.\u003c/li\u003e\n\u003cli\u003eThe exploitation results in the \u003ccode\u003eguardrails-detectors\u003c/code\u003e system initiating unauthorized server-side requests to internal or external arbitrary URLs (SSRF).\u003c/li\u003e\n\u003cli\u003eConcurrently or alternatively, the exploitation allows the attacker to read arbitrary local files from the compromised system.\u003c/li\u003e\n\u003cli\u003eThrough local file reads, the attacker exfiltrates sensitive information such as cloud provider credentials, configuration files, or other sensitive data.\u003c/li\u003e\n\u003cli\u003eLeveraging the SSRF capabilities, the attacker gains unauthorized access to internal network services, potentially facilitating lateral movement or further information disclosure within the network.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-15143 carries a CVSS v3.1 Base Score of 9.3, indicating critical severity. The primary impact involves sensitive information disclosure, potentially compromising crucial assets such as cloud provider credentials. This can grant attackers unauthorized access to cloud resources, leading to data breaches, resource manipulation, or further attacks on cloud infrastructure. Additionally, the ability to read local files allows attackers to steal proprietary data, configuration files, or user information directly from the server. The Server-Side Request Forgery (SSRF) aspect enables attackers to bypass network perimeter defenses, access internal network services, scan internal networks, or interact with other internal systems, significantly broadening the scope of potential damage and facilitating deeper penetration into the target environment.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePatch CVE-2026-15143 on all affected \u003ccode\u003eguardrails-detectors\u003c/code\u003e installations immediately to prevent remote exploitation.\u003c/li\u003e\n\u003cli\u003eImplement strong egress filtering to restrict outbound connections from \u003ccode\u003eguardrails-detectors\u003c/code\u003e instances to only necessary and approved destinations, mitigating the impact of potential SSRF exploits.\u003c/li\u003e\n\u003cli\u003eMonitor network logs for suspicious outbound connections originating from the \u003ccode\u003eguardrails-detectors\u003c/code\u003e application to unusual or internal IP addresses that align with potential SSRF activity.\u003c/li\u003e\n\u003cli\u003eImplement file integrity monitoring on critical files (e.g., configuration files, credential stores) accessed by \u003ccode\u003eguardrails-detectors\u003c/code\u003e to detect unauthorized local file reads.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-10T16:18:28Z","date_published":"2026-07-10T16:18:28Z","id":"https://feed.craftedsignal.io/briefs/2026-07-arbitrary-xsd-ssrf-guardrails/","summary":"A flaw in the 'file_type' content detector of 'guardrails-detectors' allows a remote attacker to provide an arbitrary XML Schema Definition (XSD) string, leading to server-side request forgery (SSRF) and local file reads, potentially exposing sensitive information such as cloud provider credentials or granting access to internal network services.","title":"Arbitrary XML Schema Definition Processing in guardrails-detectors Leads to SSRF and Local File Read","url":"https://feed.craftedsignal.io/briefs/2026-07-arbitrary-xsd-ssrf-guardrails/"}],"language":"en","title":"CraftedSignal Threat Feed - Local-File-Read","version":"https://jsonfeed.org/version/1.1"}