CVE Catalog
CVE-2026-39087
MediumCVSS 6.4Exploitation Probability (EPSS)
Low risk0.41%
33th percentile - higher than 33% of all known CVEs
Summary
SSRF vulnerability in ntfy before version 2.22.0 due to an unanchored regular expression for web push endpoint URLs. This allows an attacker to send requests to internal network resources.
Risk Assessment
The risk involves potential scanning of internal networks, access to sensitive data, or attacks on other internal services.
Recommendation
Immediately update ntfy to version 2.22.0 or later, which includes a fix for this issue.
Original NVD description (English source)
ntfy before 2.22.0 allows SSRF because of an unanchored regular expression for web push endpoint URLs.

