CVE-2026-21885 | miniflux up to 2.2.15 /proxy/ server-side request forgery (GHSA-xwh2-742g-w3wp)

A vulnerability has been found in miniflux up to 2.2.15 and classified as critical. Affected is an unknown function of the file /proxy/. Performing a manipulation results in server-side request forgery.

This vulnerability is cataloged as CVE-2026-21885. It is possible to initiate the attack remotely. There is no exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More