Vendor
A server-side request forgery (SSRF) vulnerability, identified as CVE-2026-8725, exists in CoreWorxLab CAAL up to version 1.6.0, allowing remote attackers to potentially trigger internal requests.