CVE Catalog

CVE-2026-12975

HighCVSS 8.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.24%

15th percentile — higher than 15% of all known CVEs

Summary

A flaw was found in Apicurio Registry where the ContentTypeUtil.isParsableXml() method creates a SAXParserFactory without enabling secure processing or disabling external entity resolution. An attacker with artifact-write permission (or unauthenticated in default configuration) can upload a crafted XML document to trigger blind SSRF via external DTD/entity fetch or cause denial of service via entity expansion.

Risk Assessment

The risk includes SSRF attacks that may expose internal network resources and DoS attacks that can disrupt service availability. The threat is higher in default configurations where no authentication is required.

Recommendation

Update Apicurio Registry to the patched version immediately. As a workaround, enable secure XML processing in the parser configuration and restrict artifact-write permissions.

Original NVD description (English source)

A flaw was found in Apicurio Registry. The ContentTypeUtil.isParsableXml() method creates a SAXParserFactory without enabling secure processing features or disabling external entity resolution. An attacker with artifact-write permission (or unauthenticated when the registry runs with default configuration) can upload a crafted XML document to trigger blind server-side request forgery (SSRF) via external DTD/entity fetch, or cause denial of service via entity expansion.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS