CVE-2026-10107 | jxxghp MoviePilot up to 2.13.2 Image Proxy Endpoint SecurityUtils.is_safe_url server-side request forgery (Issue 5823)

A vulnerability was found in jxxghp MoviePilot up to 2.13.2. It has been declared as critical. This impacts the function SecurityUtils.is_safe_url of the component Image Proxy Endpoint. Such manipulation leads to server-side request forgery.

This vulnerability is referenced as CVE-2026-10107. It is possible to launch the attack remotely. No exploit is available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More