CVE-2026-11424
Awaiting Analysis Awaiting Analysis - Queue
Server-Side Request Forgery in Altium Enterprise Server and Altium 365

Publication date: 2026-06-05

Last updated on: 2026-06-08

Assigner: Altium

Description
A server-side request forgery (SSRF) vulnerability exists in a GraphQL service component shared by Altium Enterprise Server and Altium 365. An authenticated user can submit a request whose input is treated as a URL by the server and used to issue an outbound HTTP GET request without URL validation or destination filtering. The response body is then returned to the user. This allows an authenticated attacker to reach internal services and metadata endpoints that would not otherwise be accessible from the public network, and to retrieve their contents. The impact is information disclosure and internal infrastructure reconnaissance; the request primitive is limited to HTTP GET with no custom headers. Altium Enterprise Server is fixed in 8.1.1; the issue has been remediated in Altium 365 at the service level.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-05
Last Modified
2026-06-08
Generated
2026-06-27
AI Q&A
2026-06-06
EPSS Evaluated
2026-06-25
NVD
CVE-2026-11424
EUVD
EUVD-2026-34917
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
altium enterprise_server 8.1.1
altium 365 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
CWE-200 The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a server-side request forgery (SSRF) found in a GraphQL service component used by Altium Enterprise Server and Altium 365. An authenticated user can send a request where the input is treated as a URL by the server. The server then makes an outbound HTTP GET request to that URL without validating or filtering the destination.

Because of this, an attacker can make the server access internal services and metadata endpoints that are normally not accessible from outside the network. The server returns the response body from these requests back to the attacker.

Impact Analysis

This vulnerability can lead to information disclosure and internal infrastructure reconnaissance. An attacker who is authenticated can use it to access sensitive internal services and metadata that should be protected from external access.

The attacker can retrieve contents from internal endpoints, potentially exposing confidential data or system information. However, the attack is limited to HTTP GET requests without custom headers.

Mitigation Strategies

To mitigate this vulnerability, update Altium Enterprise Server to version 8.1.1 or later, where the issue has been fixed.

For Altium 365, the issue has been remediated at the service level, so ensure you are using the latest service version.

Additionally, restrict authenticated user access to the GraphQL service component to trusted users only, and monitor for unusual outbound HTTP GET requests originating from the server.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-11424. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart