CVE-2026-59702 - repomix - Server-Side Request Forgery via Unvalidated Repository URLs in POST /api/pack
CVE ID :CVE-2026-59702 Published : July 8, 2026, 4:16 p.m. | 58 minutes ago Description :repomix contains a server-side request forgery vulnerability in the POST /api/pack endpoint that allows unauthenticated attackers to make arbitrary outbound requests. The endpoint fails to properly...