Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2026/03/26 3:3 p.m.8 views

CVE-2026-30953

LinkAce is a self-hosted archive to collect website links. When a user creates a link via POST /links, the server fetches HTML metadata from the provided URL LinkRepository::create calls HtmlMeta::getFromUrl. The LinkStoreRequest validation rules do not include NoPrivateIpRule, allowing server-si...

7.7CVSS5.9AI score0.00218EPSS
Exploits0References1
nvd
nvd
added 2026/03/10 9:16 p.m.5 views

CVE-2026-30953

LinkAce is a self-hosted archive to collect website links. When a user creates a link via POST /links, the server fetches HTML metadata from the provided URL LinkRepository::create calls HtmlMeta::getFromUrl. The LinkStoreRequest validation rules do not include NoPrivateIpRule, allowing server-si...

7.7CVSS0.00218EPSS
Exploits0References1
euvd
euvd
added 2026/03/10 8:38 p.m.4 views

EUVD-2026-10874

LinkAce is a self-hosted archive to collect website links. When a user creates a link via POST /links, the server fetches HTML metadata from the provided URL LinkRepository::create calls HtmlMeta::getFromUrl. The LinkStoreRequest validation rules do not include NoPrivateIpRule, allowing server-si...

7.7CVSS5.8AI score0.00218EPSS
Exploits0References1
cve
cve
added 2026/03/10 8:38 p.m.19 views

CVE-2026-30953

LinkAce is affected by CVE-2026-30953 due to missing validation for NoPrivateIpRule during link creation. The server fetches HTML metadata from user-provided URLs in LinkRepository::create() via HtmlMeta::getFromUrl(), and the NoPrivateIpRule is only applied in FetchController.php, not in the pri...

7.7CVSS5.8AI score0.00218EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder