PatchSiren

Kozea CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH | Kozea CVE | published 2026-01-19

CVE-2025-68616

CVE-2025-68616 is a high-severity vulnerability in WeasyPrint, a Python library for generating PDF documents. The vulnerability allows attackers to bypass SSRF protection and access internal network resources. This occurs because the underlying urllib library follows HTTP redirects automatically without re-validating the new destination against the developer's security policy. WeasyPrint versions prior to [truncated]