CVE-2026-48555 | spatie laravel-medialibrary up to 11.22.x HTTP Request InteractsWithMedia.php addMediaFromUrl server-side request forgery

A vulnerability was found in spatie laravel-medialibrary up to 11.22.x. It has been rated as critical. Affected by this vulnerability is the function addMediaFromUrl of the file InteractsWithMedia.php of the component HTTP Request Handler. The manipulation leads to server-side request forgery.

This vulnerability is uniquely identified as CVE-2026-48555. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More