CVE-2026-11437EPSS p38.3%

CVE-2026-11437CVE-2026-11437

Description

A flaw has been found in perfree go-fastdfs-web up to 1.3.7. Affected is the function checkServer of the file /install/checkServer of the component Installation Endpoint. Executing a manipulation can lead to server-side request forgery. The attack can be executed remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Scoring

CVSS 7.3 ()
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS0.49% probability of exploitation · percentile 38.3% · 2026-06-18T12:00:27Z
Last modified2026-06-08

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-10294
CVE
CVE-2026-7056
CVE
CVE-2026-3271
CVE
CVE-2026-7035
CVE
CVE-2026-26139
CVE
CVE-2026-3377
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.