CVE-2026-47356 | Tenable Terrascan up to 1.18.3 File Scan Endpoint webhook_url server-side request forgery

A vulnerability has been found in Tenable Terrascan up to 1.18.3 and classified as critical. This issue affects some unknown processing of the file /v1/{iac}/{iacVersion}/{cloud}/local/file/scan of the component File Scan Endpoint. Performing a manipulation of the argument webhook_url results in server-side request forgery.

This vulnerability is identified as CVE-2026-47356. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More