CVE-2026-33182 | saloonphp saloon up to 3.x Request Endpoint URLHelper::join server-side request forgery (GHSA-c83f-3xp6-hfcp)

A vulnerability marked as critical has been reported in saloonphp saloon up to 3.x. The impacted element is the function URLHelper::join of the component Request Endpoint. The manipulation leads to server-side request forgery.

This vulnerability is referenced as CVE-2026-33182. Remote exploitation of the attack is possible. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More