CVE-2026-11346

UNKNOWN 0.0

Server-Side Request Forgery (SSRF) allowing Internal Network Probing in linqi

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

12th

A Server-Side Request Forgery (SSRF) vulnerability in the custom process creation feature of linqi allows an authenticated attacker to probe internal network components. By crafting a specific process containing an HTTP Request component, an attacker can force the server to send arbitrary HTTP requests. By observing the varying application responses (Success, Failed, or 504 Gateway Time-out), the attacker can determine the status of internal ports, leading to internal network reconnaissance.

CWE	CWE-918
Vendor	linqi gmbh
Product	linqi
Published	Jun 5, 2026
Last Updated	Jun 5, 2026

Stay Ahead of the Next One

Get instant alerts for linqi gmbh linqi

Be the first to know when new unknown vulnerabilities affecting linqi gmbh linqi are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

linqi GmbH / linqi

0 < 1.4.8.6

References

NVD ↗ CVE.org ↗ EPSS Data ↗

linqi.help: https://linqi.help/en/reference/security/security-advisories/#security-advisory-server-side-request-forgery-ssrf-allowing-internal-network-probing

Credits

Ianis BERNARD from NATO Cyber Security Centre (NCSC)