PatchSiren

codecentric CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH codecentric CVE published 2026-07-13

CVE-2026-62242

CVE-2026-62242 is a server-side request forgery vulnerability in Spring Boot Admin Server before 4.1.2. The vulnerability allows unauthenticated attackers to register instances with attacker-controlled healthUrl and managementUrl parameters without validation against private IP ranges or metadata endpoints. This can lead to server-side request forgery attacks, enabling attackers to force the server to mak [truncated]