CyberRota
← Ana sayfaya dön

CVE-2026-48290

HIGH · CVSS 8.2 Public Exploit

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-07-14T22:17:00.840 · Çekilme zamanı: 2026-07-15T00:11:04.885385+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

Public Exploit Sinyali

Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.

Tespit Edilen Sinyaller
exploit arbitrary code execution code execution

Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.

CVE
CVE-2026-48290
Severity
HIGH
CVSS
8.2
EPSS
Yok

Orijinal NVD Açıklaması

CAI Content Credentials is affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's account or session. Exploitation of this issue requires user interaction in that a victim must visit a maliciously crafted URL or interact with a compromised web page. Scope is changed.