MEDIUM
subzeroid
CVE published 2026-06-11
CVE-2026-47157
CVE-2026-47157 is a vulnerability in the aiograpi library, which is an asynchronous Instagram API for Python. Versions before 0.9.10 of aiograpi accepted server-supplied signup challenge paths and used them to build request URLs before validating that the paths were relative Instagram API paths. This allowed an attacker to send challenge handling requests outside the intended Instagram host with the clien [truncated]