CVE-2026-40242

Arcane Unauthenticated SSRF with Conditional Response Reflection in Template Fetch Endpoint

CVSS 7.2 HIGH · EPSS 0.6% · CWE-918
Vexday Risk Score: 36 (Attention)
SSVC decision (CISA): Attend
PoC available: monitor closely
CVSS 7.2 · EPSS 0.6% · KEV: no · PoC · Nuclei: yes · Metasploit · Patch
Lifecycle
10 Apr 2026: Published in NVD
Recommendation: plan remediation soon; a public PoC already exists.
Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.17.3, the /api/templates/fetch endpoint accepts a caller-supplied url parameter and performs a server-side HTTP GET request to that URL without authentication and without URL scheme or host validation. The server's response is returned directly to the caller. This constitutes an unauthenticated SSRF vulnerability affecting any publicly reachable Arcane instance. This vulnerability is fixed in 1.17.3.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Affected products
getarcaneapp · arcane
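The description above names three missing controls on the fetch endpoint: no URL scheme restriction, no host validation, and no authentication. The following Go code is an added example written for this page, not Arcane's own code or its fix, showing the URL-side checks a template-fetch handler should apply before making the outbound request: restrict the scheme to http/https, reject embedded credentials, require the host to be on an operator-configured allowlist, and resolve the name before connecting so that loopback, private and link-local targets (including IPv4-mapped IPv6 forms) are refused. The allowlist entry templates.example.com, the fake resolver, the 203.0.113.x addresses and the function names ValidateFetchURL and isPublic are all this example's own constructions. The authentication check is a separate concern (route middleware) and is not shown here.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"net"
	"net/netip"
	"net/url"
	"strings"
)

// Resolver maps a hostname to the addresses a fetch would connect to.
// It is injected so the check can run offline in tests; lookupSystem is
// the real implementation.
type Resolver func(host string) ([]netip.Addr, error)

// lookupSystem resolves through the standard library resolver.
func lookupSystem(host string) ([]netip.Addr, error) {
	return net.DefaultResolver.LookupNetIP(context.Background(), "ip", host)
}

// allowedHosts is a constructed allowlist of template sources; in a real
// deployment an operator would configure it.
var allowedHosts = map[string]bool{
	"templates.example.com": true,
}

var (
	ErrScheme   = errors.New("fetch: only http and https are permitted")
	ErrUserInfo = errors.New("fetch: credentials in the URL are not permitted")
	ErrHost     = errors.New("fetch: host is not on the template allowlist")
	ErrAddress  = errors.New("fetch: host resolves to a non-public address")
)

// isPublic reports whether addr is a globally routable unicast address.
// IPv4-mapped IPv6 addresses are unmapped first, so ::ffff:10.0.0.5 is
// judged as 10.0.0.5.
func isPublic(addr netip.Addr) bool {
	a := addr.Unmap()
	if !a.IsValid() || a.IsUnspecified() || a.IsLoopback() || a.IsPrivate() ||
		a.IsLinkLocalUnicast() || a.IsLinkLocalMulticast() ||
		a.IsInterfaceLocalMulticast() || a.IsMulticast() {
		return false
	}
	return true
}

// ValidateFetchURL applies the checks the advisory says were missing:
// scheme restriction, a host allowlist, and a resolve-then-check step that
// rejects loopback, private and link-local targets. On success it returns
// the vetted addresses so the caller can dial one of them directly instead
// of resolving the name a second time (a second lookup could answer with a
// different, internal address).
func ValidateFetchURL(raw string, resolve Resolver) ([]netip.Addr, error) {
	u, err := url.Parse(raw)
	if err != nil {
		return nil, fmt.Errorf("fetch: malformed url: %w", err)
	}
	if s := strings.ToLower(u.Scheme); s != "http" && s != "https" {
		return nil, ErrScheme
	}
	if u.User != nil {
		return nil, ErrUserInfo
	}
	host := strings.ToLower(u.Hostname())
	if !allowedHosts[host] {
		return nil, ErrHost
	}
	addrs, err := resolve(host)
	if err != nil {
		return nil, fmt.Errorf("fetch: resolving %q: %w", host, err)
	}
	if len(addrs) == 0 {
		return nil, ErrAddress
	}
	for _, a := range addrs {
		if !isPublic(a) {
			return nil, ErrAddress
		}
	}
	return addrs, nil
}

func main() {
	// Constructed resolver so the demo runs offline; use lookupSystem in production.
	fake := func(host string) ([]netip.Addr, error) {
		if host == "templates.example.com" {
			return []netip.Addr{netip.MustParseAddr("203.0.113.10")}, nil
		}
		return nil, errors.New("no such host")
	}
	for _, raw := range []string{
		"https://templates.example.com/stack.yaml",
		"file:///etc/hostname",
		"http://127.0.0.1/",
		"http://templates.example.com.invalid/",
	} {
		addrs, err := ValidateFetchURL(raw, fake)
		fmt.Printf("%-45s -> addrs=%v err=%v\n", raw, addrs, err)
	}
}
```

Two points of design worth noting. The function returns the resolved addresses rather than a bare yes/no so that the HTTP client can be given a custom dialer that connects to one of those addresses directly, closing the window between the check and the connect. Redirects must also be re-validated (for example in the client's CheckRedirect hook), since an allowlisted host that redirects to an internal address would otherwise bypass every check above. Neither point replaces requiring authentication on the route itself.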
