CVE-2026-27127

Craft is a content management system CMS. In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22, the SSRF validation in Craft CMS’s GraphQL Asset mutation performs DNS resolution separately from the HTTP request. This Time-of-Check-Time-of-Use TOCTOU vulnerability enables DNS rebindi...

PT-2026-21899

A security flaw was identified in the Orchestrator Plugin of Red Hat Developer Hub Backstage. The issue occurs due to insufficient input validation in GraphQL query handling. An authenticated user can inject specially crafted input into API requests, which disrupts backend query processing. This...

Red Hat Developer Hub SQL注入漏洞

Red Hat Developer Hub is an enterprise-level internal developer platform developed by Red Hat Inc. The platform has a SQL injection vulnerability, which stems from insufficient input validation in GraphQL query processing. This vulnerability may allow authenticated users to inject malicious input...

GHSA-V2GC-RM6G-WRW9 Craft CMS: Cloud Metadata SSRF Protection Bypass via IPv6 Resolution

The SSRF validation in Craft CMS’s GraphQL Asset mutation uses gethostbyname, which only resolves IPv4 addresses. When a hostname has only AAAA IPv6 records, the function returns the hostname string itself, causing the blocklist comparison to always fail and completely bypassing SSRF protection...

Server-side Request Forgery (SSRF)

Overview craftcms/cms is a content management system. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the gethostbyname function used during GraphQL Asset mutation processing. An attacker can access internal cloud metadata endpoints by supplying hostnames...

CVE-2026-27127

Craft is a content management system CMS. In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22, the SSRF validation in Craft CMS’s GraphQL Asset mutation performs DNS resolution separately from the HTTP request. This Time-of-Check-Time-of-Use TOCTOU vulnerability enables DNS rebindi...

CVE-2026-27129

Craft is a content management system CMS. In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22, the SSRF validation in Craft CMS’s GraphQL Asset mutation uses gethostbyname, which only resolves IPv4 addresses. When a hostname has only AAAA IPv6 records, the function returns the...

CVE-2026-27129

Craft is a content management system CMS. In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22, the SSRF validation in Craft CMS’s GraphQL Asset mutation uses gethostbyname, which only resolves IPv4 addresses. When a hostname has only AAAA IPv6 records, the function returns the...

CVE-2026-27129 Cloud Metadata SSRF Protection Bypass via IPv6 Resolution

Craft is a content management system CMS. In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22, the SSRF validation in Craft CMS’s GraphQL Asset mutation uses gethostbyname, which only resolves IPv4 addresses. When a hostname has only AAAA IPv6 records, the function returns the...

CVE-2026-27129

CVE-2026-27129 affects Craft CMS, where the SSRF protection in the GraphQL Asset mutation (versions 4.5.0-RC1–4.16.18 and 5.0.0-RC1–5.8.22) is bypassed due to using gethostbyname(), which only resolves IPv4. If a host has only IPv6 (AAAA) records, the function returns the hostname, causing blockl...

CVE-2026-27129 Cloud Metadata SSRF Protection Bypass via IPv6 Resolution

Craft is a content management system CMS. In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22, the SSRF validation in Craft CMS’s GraphQL Asset mutation uses gethostbyname, which only resolves IPv4 addresses. When a hostname has only AAAA IPv6 records, the function returns the...

EUVD-2026-7400

Craft is a content management system CMS. In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22, the SSRF validation in Craft CMS’s GraphQL Asset mutation uses gethostbyname, which only resolves IPv4 addresses. When a hostname has only AAAA IPv6 records, the function returns the...

CVE-2026-27127

CVE-2026-27127 affects Craft CMS (versions 4.5.0-RC1–4.16.18 and 5.0.0-RC1–5.8.22). It exploits a TOCTOU DNS rebinding flaw in the GraphQL Asset mutation where DNS resolution occurs separately from the HTTP request, bypassing prior fixes for CVE-2025-68437 and allowing access to blocked IPs. Expl...

CVE-2026-27127 Craft CMS has Cloud Metadata SSRF Protection Bypass via DNS Rebinding

Craft is a content management system CMS. In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22, the SSRF validation in Craft CMS’s GraphQL Asset mutation performs DNS resolution separately from the HTTP request. This Time-of-Check-Time-of-Use TOCTOU vulnerability enables DNS rebindi...

CVE-2026-27127

Craft is a content management system CMS. In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22, the SSRF validation in Craft CMS’s GraphQL Asset mutation performs DNS resolution separately from the HTTP request. This Time-of-Check-Time-of-Use TOCTOU vulnerability enables DNS rebindi...

CVE-2026-27127 Craft CMS has Cloud Metadata SSRF Protection Bypass via DNS Rebinding

Craft is a content management system CMS. In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22, the SSRF validation in Craft CMS’s GraphQL Asset mutation performs DNS resolution separately from the HTTP request. This Time-of-Check-Time-of-Use TOCTOU vulnerability enables DNS rebindi...

CVE-2026-27127 Craft CMS has Cloud Metadata SSRF Protection Bypass via DNS Rebinding

Craft is a content management system CMS. In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22, the SSRF validation in Craft CMS’s GraphQL Asset mutation performs DNS resolution separately from the HTTP request. This Time-of-Check-Time-of-Use TOCTOU vulnerability enables DNS rebindi...

Craft CMS 安全漏洞

Craft CMS is an open-source content management system developed by Craft CMS. There are security vulnerabilities in versions 4.5.0-RC1 to 4.16.18, and from 5.0.0-RC1 to 5.8.22 of Craft CMS. These vulnerabilities stem from a TOCTOU issue in the SSRF validation of GraphQL Assets, which could lead t...

Craft CMS 代码问题漏洞

Craft CMS is an open-source content management system developed by Craft CMS. There are code vulnerabilities in versions 4.5.0-RC1 to 4.16.18, and from 5.0.0-RC1 to 5.8.22 of Craft CMS. These vulnerabilities stem from a GraphQL Asset mutation where the SSRF validation only parses IPv4 addresses,...

GHSA-GP2F-7WCM-5FHX Craft CMS has Cloud Metadata SSRF Protection Bypass via DNS Rebinding

Summary The SSRF validation in Craft CMS’s GraphQL Asset mutation performs DNS resolution separately from the HTTP request. This Time-of-Check-Time-of-Use TOCTOU vulnerability enables DNS rebinding attacks, where an attacker’s DNS server returns different IP addresses for validation compared to t...