CVE-2026-11346
SSRF in linqi via Custom Process Creation
Publication date: 2026-06-05
Last updated on: 2026-06-05
Assigner: 86c47df7-7d28-48da-920a-6423c52fd3da
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linqi | onpremise | up to 1.4.8.6 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-918 | The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. |
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves an authenticated attacker crafting a specific process with an HTTP Request component to force the server to send arbitrary HTTP requests and observe application responses to probe internal network components.
Detection would involve monitoring for unusual or unauthorized process creation requests that include HTTP components, as well as analyzing server logs for patterns of HTTP requests that could indicate internal network probing.
However, no specific commands or detection tools are provided in the available information.
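The log analysis described above, sketched as an added example (not from the advisory or from linqi): it flags accounts whose HTTP Request components contacted many distinct internal IP:port targets and tallies the Success / Failed / 504 Gateway Time-out results. The log line format, field names and threshold are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample records in a hypothetical audit format; linqi's real
# log layout is not described on this page.
SAMPLE_LOG = """\
2026-06-05T10:00:01Z user=alice component=HttpRequest url=http://10.0.0.5:22/ result=Failed
2026-06-05T10:00:02Z user=alice component=HttpRequest url=http://10.0.0.5:80/ result=Success
2026-06-05T10:00:03Z user=alice component=HttpRequest url=http://10.0.0.5:443/ result=Success
2026-06-05T10:00:09Z user=alice component=HttpRequest url=http://10.0.0.6:8080/ result=504 Gateway Time-out
2026-06-05T10:00:12Z user=alice component=HttpRequest url=http://127.0.0.1:6379/ result=Failed
2026-06-05T10:05:00Z user=bob component=HttpRequest url=https://api.example.com/v1/orders result=Success
2026-06-05T10:06:00Z user=bob component=HttpRequest url=http://10.0.0.9:8080/hook result=Success
"""

LINE_RE = re.compile(r"user=(\S+) component=HttpRequest url=(\S+) result=(.+)$")

def internal_target(url):
    """Return (ip, port) if the URL points at a non-public IP literal, else None."""
    try:
        parts = urlsplit(url)
        ip = ipaddress.ip_address(parts.hostname or "")
        port = parts.port or (443 if parts.scheme == "https" else 80)
    except ValueError:
        return None  # hostname (not resolved here) or malformed URL/port
    return None if ip.is_global else (str(ip), port)

def find_probing(log_text, min_targets=4):
    """Flag users whose HTTP Request components hit many distinct internal targets."""
    targets = defaultdict(set)
    outcomes = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        user, url, result = m.groups()
        target = internal_target(url)
        if target:
            targets[user].add(target)
            outcomes[user][result] += 1  # Success / Failed / 504 Gateway Time-out
    return {u: {"targets": sorted(t), "outcomes": dict(outcomes[u])}
            for u, t in targets.items() if len(t) >= min_targets}

if __name__ == "__main__":
    for user, info in find_probing(SAMPLE_LOG).items():
        print(user, len(info["targets"]), "internal targets", info["outcomes"])
```

Hostnames are not resolved in this sketch, so a real deployment would also need to resolve them and apply the same address check to the result.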
What immediate steps should I take to mitigate this vulnerability?
The vulnerability allows an authenticated attacker to perform SSRF by creating processes with HTTP Request components to probe internal network ports.
Immediate mitigation steps would generally include restricting or validating the creation of custom processes that can send HTTP requests, implementing strict access controls, and monitoring for suspicious activity related to process creation.
No specific mitigation instructions or patches are provided in the available information.
Can you explain this vulnerability to me?
This vulnerability is a Server-Side Request Forgery (SSRF) in the custom process creation feature of linqi. An authenticated attacker can create a process that includes an HTTP Request component, causing the server to send arbitrary HTTP requests. By analyzing the server's responses, such as Success, Failed, or 504 Gateway Time-out, the attacker can infer the status of internal network ports, effectively performing internal network reconnaissance.
How can this vulnerability impact me?
The vulnerability allows an authenticated attacker to probe internal network components by sending arbitrary HTTP requests from the server. This can lead to unauthorized internal network reconnaissance, potentially exposing sensitive internal services or infrastructure details that could be leveraged for further attacks.