2 matches found
EUVD-2026-34917
A server-side request forgery SSRF vulnerability exists in a GraphQL service component shared by Altium Enterprise Server and Altium 365. An authenticated user can submit a request whose input is treated as a URL by the server and used to issue an outbound HTTP GET request without URL validation ...
CVE-2026-11429
Summary: CVE-2026-11429 describes a path traversal in the Git Service shared by Altium Enterprise Server and Altium 365. An authenticated user with basic git access can perform post-clone file-manipulation using unvalidated paths to move attacker-controlled content outside the repository, enablin...