CVE-2026-47358

CVE-2026-47358 affects Terrascan v1.18.3 and earlier. In server mode, Terrascan parses uploaded ARM/CloudFormation templates and resolves external URLs via hashicorp/go-getter with default detectors (including FileDetector), enabling an unauthenticated attacker to upload templates containing atta...