CVE-2026-48555 Spatie Laravel Media Library < 11.23.0 SSRF via addMediaFromUrl()

Spatie Laravel Media Library before version 11.23.0 contains a server-side request forgery vulnerability that allows remote attackers to cause the server to issue arbitrary outbound HTTP requests by passing user-controlled URLs to the addMediaFromUrl method in InteractsWithMedia.php...

EUVD-2026-33418

Spatie Laravel Media Library before version 11.23.0 contains a server-side request forgery vulnerability that allows remote attackers to cause the server to issue arbitrary outbound HTTP requests by passing user-controlled URLs to the addMediaFromUrl method in InteractsWithMedia.php...

CVE-2026-48555

Spatie Laravel Media Library (≤11.22.x) is affected by an SSRF in addMediaFromUrl() used by InteractsWithMedia.php, allowing a remote attacker to induce the server to make arbitrary outbound HTTP requests by providing user-controlled URLs. Impact aligns with CVSS: Network, with low to moderate co...

PT-2026-44978

Spatie Laravel Media Library before version 11.23.0 contains a server-side request forgery vulnerability that allows remote attackers to cause the server to issue arbitrary outbound HTTP requests by passing user-controlled URLs to the addMediaFromUrl method in InteractsWithMedia.php...

Spatie Laravel Media Library Pro 代码问题漏洞

Spatie Laravel Media Library Pro is a UI component for Laravel media libraries developed by the Belgian company Spatie. Versions of Spatie Laravel Media Library Pro prior to 11.23.0 had code vulnerabilities. These vulnerabilities stemmed from the addMediaFromUrl method in InteractsWithMedia.php,...