CVE-2026-34981
Insecure URL Validation in whisperX FileService Enables SSRF

Publication date: 2026-04-06

Last updated on: 2026-04-27

Assigner: GitHub, Inc.

Description
The whisperX API is a tool for enhancing and analyzing audio content. From 0.3.1 to 0.5.0, FileService.download_from_url() in app/services/file_service.py calls requests.get(url) with zero URL validation. The file extension check occurs AFTER the HTTP request is already made, and can be bypassed by appending .mp3 to any internal URL. The /speech-to-text-url endpoint is unauthenticated. This vulnerability is fixed in 0.6.0.
Meta Information
Published: 2026-04-06
Last Modified: 2026-04-27
Generated: 2026-05-07
AI Q&A: 2026-04-06
EPSS Evaluated: 2026-05-05
Affected Vendors & Products (1 associated CPE)
Vendor: pavelzbornik
Product: whisperx_rest_api
Version / Range: from 0.3.1 (inclusive) to 0.6.0 (exclusive)
CWE
CWE-918: The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

CVE-2026-34981 is a Server-Side Request Forgery (SSRF) vulnerability that allows unauthenticated attackers to access internal resources and sensitive cloud metadata, such as AWS credentials, by bypassing URL validation in the whisperX-fastapi package.

This unauthorized access to internal services and sensitive data could lead to information disclosure, which may impact compliance with data protection regulations like GDPR and HIPAA that require safeguarding sensitive personal and health information.

Specifically, the vulnerability enables attackers to retrieve sensitive metadata and internal network information, potentially exposing confidential data or credentials that could be used to further compromise protected data.

Therefore, without proper mitigation, this vulnerability poses a risk to maintaining compliance with standards that mandate strict controls over access to sensitive data and internal systems.


Can you explain this vulnerability to me?

CVE-2026-34981 is a Server-Side Request Forgery (SSRF) vulnerability in the whisperX-fastapi package, specifically in the download_from_url() function. The vulnerability occurs because the function makes HTTP requests without validating the URL first. The file extension check happens only after the HTTP request is made, allowing attackers to bypass restrictions by appending .mp3 to internal URLs.

This flaw enables attackers to access internal resources such as cloud metadata services (e.g., AWS metadata endpoints), internal APIs, or other sensitive internal network services by exploiting the unauthenticated /speech-to-text-url endpoint.

The vulnerability arises from a lack of URL validation: there is no host allowlist or blocklist, no IP range check, and no scheme restriction before the HTTP request is made. Attackers can exploit this to perform SSRF attacks by tricking the server into making requests on their behalf.


How can this vulnerability impact me?

This vulnerability can allow an attacker to perform unauthorized internal network requests from the vulnerable server, potentially leading to several impacts:

  • Stealing sensitive cloud credentials by accessing cloud metadata endpoints.
  • Scanning internal networks to discover and interact with internal services that are not exposed externally.
  • Accessing internal APIs or services that may contain sensitive information or functionality.
  • Potentially escalating attacks by leveraging internal network access to further compromise systems.

Because the vulnerable endpoint is unauthenticated, remote attackers can exploit this without any credentials or user interaction.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability is a Server-Side Request Forgery (SSRF) in the whisperX-fastapi package, which can be detected by monitoring for unusual HTTP requests made by the application to internal or sensitive URLs, especially those with appended .mp3 extensions that bypass file extension checks.

Detection can involve checking logs or network traffic for outbound requests to internal IP ranges such as 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16, or localhost addresses, particularly if these requests include suspicious URL patterns like appending .mp3 to internal metadata endpoints.

Suggested commands to detect potential exploitation attempts include:

  • Using network monitoring tools like tcpdump or Wireshark to capture outbound HTTP requests from the server:
      tcpdump -i eth0 'tcp port 80 or tcp port 443'
  • Searching application logs for URLs containing .mp3 appended to internal IP addresses or metadata endpoints (the dots are escaped so they match literally):
      grep -r '169\.254\.169\.254.*\.mp3' /path/to/logs/
  • Using curl or wget to test the /speech-to-text-url endpoint for unauthenticated access and URL handling:
      curl -v 'http://yourserver/speech-to-text-url?url=http://169.254.169.254/latest/meta-data/iam/security-credentials/role.mp3'
  • Running static code analysis tools like SonarQube with rule pythonsecurity:S5144 to detect SSRF risks in the codebase.

What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps involve implementing strict URL validation before making any HTTP requests in the vulnerable functions.

  • Restrict URL schemes to only 'http' and 'https'.
  • Block requests to private, link-local, loopback, and sensitive IP ranges such as 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16, and 127.0.0.0/8.
  • Move the file extension validation to occur before any HTTP request is made to prevent bypass via appending .mp3.
  • Apply URL validation both at the API layer and service layer as a defense-in-depth measure.
  • Return appropriate HTTP 400 or 422 errors when validation fails to prevent processing malicious URLs.
  • Update security policies and documentation to reflect these validation rules.

Additionally, upgrading to version 0.6.0 or later of whisperX-fastapi, where this vulnerability is fixed with comprehensive SSRF protection, is strongly recommended.
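The validation order the mitigation list describes (scheme allowlist, extension check, blocked-range check, all before any request) and the log review from the detection answer, as one added Python example. This is not code from the whisperX project or from this advisory; the allowed-extension set, the `url=` log field format, the hostnames, addresses and log lines are constructed for the demonstration. The same validator serves both purposes: the service calls it before fetching, and the log scan replays it over URLs already logged to find requests that should have been refused.

```python
"""Added illustration for CVE-2026-34981: validate a download URL before any
HTTP request is made, and re-run that validator over log lines for detection.
Not code from the whisperX project; sample data below is constructed."""
import ipaddress
import re
import socket
from posixpath import splitext
from typing import Callable, Dict, List, Tuple, Union
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
# Assumed set of audio formats the service accepts; adjust to the real service.
ALLOWED_EXTENSIONS = {".mp3", ".wav", ".m4a", ".flac", ".ogg"}

# The ranges named in the mitigation guidance plus their IPv6 counterparts
# (unspecified, loopback, unique-local, link-local).
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16",
    "::/128", "::1/128", "fc00::/7", "fe80::/10",
)]

Resolver = Callable[[str], List[str]]
IPAddress = Union[ipaddress.IPv4Address, ipaddress.IPv6Address]


class UnsafeURL(ValueError):
    """Raised when a URL fails validation; nothing has been fetched at that point."""


def system_resolver(host: str) -> List[str]:
    """Resolve a hostname with the OS resolver (needs network; the demo uses a table)."""
    return [info[4][0].split("%")[0] for info in socket.getaddrinfo(host, None)]


def make_static_resolver(table: Dict[str, List[str]]) -> Resolver:
    """Build a resolver from a fixed host -> addresses table (constructed demo data)."""
    def resolve(host: str) -> List[str]:
        if host.lower() not in table:
            raise UnsafeURL(f"cannot resolve host {host!r}")
        return table[host.lower()]
    return resolve


def _is_blocked(ip: IPAddress) -> bool:
    # An IPv4-mapped IPv6 literal such as ::ffff:127.0.0.1 must count as loopback.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return any(ip in net for net in BLOCKED_NETWORKS)


def validate_download_url(url: str, resolver: Resolver = system_resolver) -> str:
    """Return url unchanged if it is safe to fetch, otherwise raise UnsafeURL.

    Every check runs before any HTTP request; the advisory describes the
    vulnerable code checking the extension only after the request was made."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise UnsafeURL(f"scheme {parts.scheme!r} not allowed")
    if not parts.hostname:
        raise UnsafeURL("URL has no host")
    if parts.username or parts.password:
        raise UnsafeURL("credentials in URL are not allowed")
    # The extension check is a format check only; the address check below is
    # the SSRF control, so a trailing ".mp3" on an internal URL changes nothing.
    if splitext(parts.path)[1].lower() not in ALLOWED_EXTENSIONS:
        raise UnsafeURL(f"unsupported file extension in {parts.path!r}")
    host = parts.hostname
    try:
        addresses = [ipaddress.ip_address(host)]  # host is an IP literal
    except ValueError:
        addresses = [ipaddress.ip_address(a) for a in resolver(host)]
    for ip in addresses:
        if _is_blocked(ip):
            raise UnsafeURL(f"host {host!r} resolves to blocked address {ip}")
    return url


LOG_URL = re.compile(r"url=(\S+)")


def scan_log(log_text: str, resolver: Resolver = system_resolver) -> List[Tuple[int, str, str]]:
    """Replay the validator over logged URLs; return (line number, url, reason) per hit."""
    hits = []
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        match = LOG_URL.search(line)
        if not match:
            continue
        try:
            validate_download_url(match.group(1), resolver)
        except UnsafeURL as err:
            hits.append((lineno, match.group(1), str(err)))
    return hits


# Constructed resolver table: one "public" CDN host, localhost, and an internal name.
DEMO_RESOLVER = make_static_resolver({
    "cdn.example.com": ["203.0.113.10"],
    "localhost": ["127.0.0.1"],
    "internal.corp.example": ["10.0.3.7"],
})

# Constructed application log; only the first request should have been allowed.
SAMPLE_LOG = """\
2026-04-07T10:01:02Z INFO download_from_url url=https://cdn.example.com/podcast/ep1.mp3
2026-04-07T10:01:09Z INFO download_from_url url=http://169.254.169.254/latest/meta-data/iam/security-credentials/role.mp3
2026-04-07T10:02:11Z INFO download_from_url url=http://internal.corp.example:8080/export.mp3
2026-04-07T10:02:40Z INFO download_from_url url=http://[::ffff:127.0.0.1]/admin.mp3
2026-04-07T10:03:05Z INFO download_from_url url=file:///etc/passwd.mp3
"""

if __name__ == "__main__":
    for lineno, url, reason in scan_log(SAMPLE_LOG, DEMO_RESOLVER):
        print(f"line {lineno}: {url} -> {reason}")
```

Two caveats apply to any validate-then-fetch design. The address check resolves the name once, so a name that changes its answer between validation and the fetch (DNS rebinding) can still reach an internal address; pinning the connection to the validated address closes that gap. Redirects must also be disabled or re-validated hop by hop, since a public URL that redirects to an internal one would otherwise pass the check.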

