CVE-2026-12975
HighCVSS 8.5Exploitation Probability (EPSS)
Low risk15th percentile — higher than 15% of all known CVEs
Summary
A flaw was found in Apicurio Registry where the ContentTypeUtil.isParsableXml() method creates a SAXParserFactory without enabling secure processing or disabling external entity resolution. An attacker with artifact-write permission (or unauthenticated in default configuration) can upload a crafted XML document to trigger blind SSRF via external DTD/entity fetch or cause denial of service via entity expansion.
Risk Assessment
The risk includes SSRF attacks that may expose internal network resources and DoS attacks that can disrupt service availability. The threat is higher in default configurations where no authentication is required.
Recommendation
Update Apicurio Registry to the patched version immediately. As a workaround, enable secure XML processing in the parser configuration and restrict artifact-write permissions.
Original NVD description (English source)
A flaw was found in Apicurio Registry. The ContentTypeUtil.isParsableXml() method creates a SAXParserFactory without enabling secure processing features or disabling external entity resolution. An attacker with artifact-write permission (or unauthenticated when the registry runs with default configuration) can upload a crafted XML document to trigger blind server-side request forgery (SSRF) via external DTD/entity fetch, or cause denial of service via entity expansion.

