CVE Catalog

CVE-2026-13540

MediumCVSS 6.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.23%

13th percentile — higher than 13% of all known CVEs

Summary

A server-side request forgery (SSRF) vulnerability has been discovered in GitBucket up to version 4.46.1 in the Git.cloneRepository.setURI function. Manipulating the url argument in RepositoryCreationService.scala allows remote exploitation. The exploit is public, and applying a patch is recommended.

Risk Assessment

An attacker can exploit this vulnerability to make the GitBucket server send requests to internal network resources, potentially leading to data leakage, privilege escalation, or further compromise of the infrastructure.

Recommendation

Immediately apply the patch identified as 487a9b980f56aa73b6a044b1e86a92eed5043215 or upgrade GitBucket to a version newer than 4.46.1.

Original NVD description (English source)

A security flaw has been discovered in GitBucket up to 4.46.1. This affects the function Git.cloneRepository.setURI of the file src/main/scala/gitbucket/core/service/RepositoryCreationService.scala. Performing a manipulation of the argument url results in server-side request forgery. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The patch is named 487a9b980f56aa73b6a044b1e86a92eed5043215. To fix this issue, it is recommended to deploy a patch.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS