CVE-2025-59146
Summary: CVE-2025-59146 targets the “New API” SSRF in versions before 0.9.0.5. An authenticated user can submit a URL for the server to fetch, with improper validation allowing server-side requests to arbitrary internal or external destinations. The issue is fixed in 0.9.0.5, which adds a default...