open-webSearch fetchWebContent SSRF Vulnerability Analysis (CVE-style)

github.com 2026-05-22查看中文 →

Security AdvisoryHighopen-webSearch

Affected:

open-webSearch <= 2.1.6

Fixed in:

2.1.7

Referenced CVEs: CVE-2026-42260 · 8.2

文章内图片已隐藏以节省流量 · Upgrade to Pro to view images & offline archive

This content was auto-fetched from github.com, cleaned by our LLM pipeline, and translated to English. View original.

More from this source

Hermes WebUI Auth Bypass via Unbound Profile Cookie and Fix 2026-06-18 Fix: HMAC-signed hermes_profile cookie to prevent profile isolation bypass 2026-06-18 Hermes WebUI Auth Bypass via Unencrypted Signature Cookie Forgery 2026-06-18 Fix insecure permissions on sensitive state files causing info leak 2026-06-18 Hermes: Fix for info leak via overly permissive response_store.db and webhook file permissions 2026-06-18

Offline Archive

Offline screenshot & PDF are Pro-exclusive