HIGH
codecentric
CVE published 2026-07-13
CVE-2026-62242
CVE-2026-62242 is a server-side request forgery vulnerability in Spring Boot Admin Server before 4.1.2. The vulnerability allows unauthenticated attackers to register instances with attacker-controlled healthUrl and managementUrl parameters without validation against private IP ranges or metadata endpoints. This can lead to server-side request forgery attacks, enabling attackers to force the server to mak [truncated]