5 matches found
GO-2026-4631 PinchTab has SSRF with Full Response Exfiltration via Download Handler in github.com/pinchtab/pinchtab
PinchTab has SSRF with Full Response Exfiltration via Download Handler in github.com/pinchtab/pinchtab...
CVE-2026-30834
Technical details about CVE-2026-30834 are not provided in the connected documents. The initial description notes an SSRF in PinchTab’s /download endpoint and a patch in 0.7.7, but no further specifics (affected versions, exploitation details, or mitigations) are included here. Monitor for updates.
CVE-2026-30834 PinchTab: SSRF with Full Response Exfiltration via Download Handler
PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. Prior to version 0.7.7, a Server-Side Request Forgery SSRF vulnerability in the /download endpoint allows any user with API access to induce the PinchTab server to make requests to arbitrary URLs,...
CVE-2026-30834 PinchTab: SSRF with Full Response Exfiltration via Download Handler
PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. Prior to version 0.7.7, a Server-Side Request Forgery SSRF vulnerability in the /download endpoint allows any user with API access to induce the PinchTab server to make requests to arbitrary URLs,...
CVE-2026-30834 PinchTab: SSRF with Full Response Exfiltration via Download Handler
PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. Prior to version 0.7.7, a Server-Side Request Forgery SSRF vulnerability in the /download endpoint allows any user with API access to induce the PinchTab server to make requests to arbitrary URLs,...