CVE-2026-27945 | Zitadel up to 4.11.0 API server-side request forgery (GHSA-7777-fhq9-592v)

A vulnerability classified as critical was found in Zitadel up to 4.11.0. This issue affects some unknown processing of the component API. Executing a manipulation can lead to server-side request forgery.

This vulnerability is handled as CVE-2026-27945. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More