CVE-2026-33975 | twenty up to 1.18.0 SecureHttpClientService server-side request forgery

May 5, 2026 Yanac

A vulnerability described as critical has been identified in twenty up to 1.18.0. This affects an unknown function of the component SecureHttpClientService. Such manipulation leads to server-side request forgery.

This vulnerability is documented as CVE-2026-33975. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More

CVE-2026-32936 | CoreDNS up to 1.14.2 DNS Message resource consumption
CVE-2026-32699 | NeoRazorX facturascripts up to 2025.92 User Interface nick external control of assumed-immutable web parameter (EUVD-2026-27438)