CyberRota
← Ana sayfaya dön

CVE-2026-15143

CRITICAL · CVSS 9.3

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-07-10T16:16:25.680 · Çekilme zamanı: 2026-07-10T18:27:30.544716+00:00

CyberRota Yorumu

Uzaktan istismar edilebilir olabilir.

CVE
CVE-2026-15143
Severity
CRITICAL
CVSS
9.3
EPSS
Yok

Orijinal NVD Açıklaması

A flaw was found in the file_type content detector of guardrails-detectors. This vulnerability allows a remote attacker to supply an arbitrary XML Schema Definition (XSD) string, which is processed without proper restrictions. This can lead to server-side requests to arbitrary URLs or local file reads, potentially resulting in sensitive information disclosure, such as cloud provider credentials or access to internal network services.