CVE-2026-3750 | ContiNew Admin up to 4.2.0 Storage Management S3ClientFactory.java URI.create server-side request forgery

A vulnerability was found in ContiNew Admin up to 4.2.0. It has been rated as critical. This issue affects the function URI.create of the file continew-system/src/main/java/top/continew/admin/system/factory/S3ClientFactory.java of the component Storage Management Module. The manipulation leads to server-side request forgery.

This vulnerability is uniquely identified as CVE-2026-3750. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More