HIGH
karakeep-app
CVE published 2026-05-26
CVE-2026-45082
A Server-Side Request Forgery (SSRF) protection bypass vulnerability in Karakeep, a self-hostable bookmark management application, allows authenticated attackers to circumvent network isolation controls through crafted HTTP redirect chains. The vulnerability affects versions prior to 0.32.0 and impacts redirect-following processing components used in crawler functionality and video download workflows. Whi [truncated]