Skip to content

CVE lookup

CVE-2026-57947

Pruva has a verified reproduction for CVE-2026-57947: Pinpoint through 3.1.0 allows authenticated users to register internal webhook URLs, leading to SSRF when alarm webhooks are delivered.. The canonical evidence record is REPRO-2026-00253.

REPRO

REPRO-2026-00253

Package

pinpoint-apm/pinpoint · maven

Severity

MEDIUM

Status

published