CVE-2026-63306 - stoatchat before 0.13.5 Unauthenticated SSRF via proxy and embed endpoints
CVE ID :CVE-2026-63306 Published : July 16, 2026, 1:16 p.m. | 1 hour, 18 minutes ago Description :stoatchat before 0.13.5 contains an unauthenticated server-side request forgery vulnerability in the /proxy and /embed endpoints that accept arbitrary URLs without DNS resolution filtering or...