CVE-2026-27589 | caddyserver caddy up to 2.11.0 Admin API /load cross-site request forgery

A vulnerability has been found in caddyserver caddy up to 2.11.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /load of the component Admin API. This manipulation causes cross-site request forgery.

This vulnerability appears as CVE-2026-27589. The attack may be initiated remotely. There is no available exploit.

The affected component should be upgraded.VulDB Recent EntriesRead More