EUVD-2026-17532

🗓️ 31 Mar 2026 18:31:31Reported by EUVDType

Server side request forgery in Chatwoot 4.11.2 affects Webhooks Trigger URL manipulation; remote.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2026-5205	31 Mar 202616:30	–	attackerkb
Circl	CVE-2026-5205	31 Mar 202619:36	–	circl
CNNVD	Chatwoot 代码问题漏洞	31 Mar 202600:00	–	cnnvd
CVE	CVE-2026-5205	31 Mar 202616:30	–	cve
Cvelist	CVE-2026-5205 chatwoot Webhook API trigger.rb Trigger server-side request forgery	31 Mar 202616:30	–	cvelist
NVD	CVE-2026-5205	31 Mar 202617:16	–	nvd
Positive Technologies	PT-2026-29296	31 Mar 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-5205	1 Apr 202617:40	–	redhatcve
Vulnrichment	CVE-2026-5205 chatwoot Webhook API trigger.rb Trigger server-side request forgery	31 Mar 202616:30	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "a03aee3f-8933-3be1-929b-bc3eb97c0e92",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "02253473-5e3b-3422-9cbd-436e08d07555",
        "product": {
          "name": "chatwoot"
        },
        "product_version": "4.11.2"
      },
      {
        "id": "0be8d2a8-bee7-3caf-8c05-6f2341852aba",
        "product": {
          "name": "chatwoot"
        },
        "product_version": "4.11.0"
      },
      {
        "id": "ff751485-d06b-314c-84be-e2c5d18a2acd",
        "product": {
          "name": "chatwoot"
        },
        "product_version": "4.11.1"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/vuln/354333
vuldb	www.vuldb.com/vuln/354333/cti
vuldb	www.vuldb.com/submit/780305
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-5205

31 Mar 2026 18:31Current

5.6Medium risk

Vulners AI Score5.6

CVSS 45.3

CVSS 3.16.3

CVSS 26.5

CVSS 36.3

EPSS0.00216