CVE-2026-45741
Published: 2026-05-29
Severity: High (CVSS 8.6)
Gotenberg has an SSRF deny-list bypass in IsPublicIP via IPv6 6to4 / NAT64 / site-local prefixes
### Summary
`IsPublicIP` in `pkg/gotenberg/outbound.go` incorrectly classifies IPv6 6to4 / NAT64 / deprecated site-local addresses as public IPs, allowing an unauthenticated attacker to reach internal destinations (e.g., cloud metadata services at `169.254.169.254`) via a single crafted DNS AAAA record. This is a variant of CVE-2026-44430 (modelcontextprotocol/registry).
### Details
`IsPublicIP` uses Go stdlib helpers (`IsLoopback`, `IsPrivate`, `IsLinkLocalUnicast`, etc.) to block internal IPs. However, these helpers do not recognize IPv6 prefixes that embed IPv4 addresses:
| Prefix | RFC | Tunnels to |
|--------|-----|-----------|
| `2002::/16` | RFC 3056 (6to4) | IPv4 in bits 16-47 |
| `64:ff9b::/96` | RFC 6052 (NAT64 well-known) | IPv4 in low 32 bits |
| `64:ff9b:1::/48` | RFC 8215 (NAT64 local-use) | IPv4 in low 32 bits |
| `fec0::/10` | RFC 3879 (deprecated site-local) | internal routing |
`addr.Unmap()` only handles `::ffff:0:0/96` (IPv4-mapped) and has no effect on these prefixes. On dual-stack or NAT64-enabled cloud hosts, the OS kernel transparently routes these addresses to their embedded internal IPv4 destinations.
Vulnerable code (`pkg/gotenberg/outbound.go` L53-69, commit `93d0103`):
```go
package gotenberg

import "net/netip"

// IsPublicIP as shipped in commit 93d0103 (the vulnerable version): it relies on
// stdlib classifiers that know nothing about 6to4, NAT64 or site-local prefixes.
func IsPublicIP(addr netip.Addr) bool {
	addr = addr.Unmap() // only handles ::ffff:x.x.x.x (IPv4-mapped)
	switch {
	case addr.IsLoopback(), addr.IsPrivate(),
		addr.IsLinkLocalUnicast(): // remaining stdlib helpers elided in the advisory ("...")
		return false
	}
	return true // 6to4/NAT64/site-local incorrectly reaches here
}
```
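As an added example (not Gotenberg's own code), the hardened form a defender would want beside the snippet above: the same stdlib deny-list, extended to the deprecated site-local range and applied a second time to the IPv4 destination embedded in 6to4 and NAT64 addresses. The function names and the sample addresses in `main` are constructed here from the advisory's table.

```go
package main

import (
	"fmt"
	"net/netip"
)

// embeddedIPv4 returns the IPv4 destination carried inside a transition-mechanism
// IPv6 address (IPv4-mapped, 6to4, NAT64), which is what the kernel actually routes to.
func embeddedIPv4(addr netip.Addr) (netip.Addr, bool) {
	if addr.Is4() || addr.Is4In6() {
		return addr.Unmap(), true // plain IPv4 or ::ffff:a.b.c.d
	}
	b := addr.As16()
	switch {
	case b[0] == 0x20 && b[1] == 0x02: // 2002::/16, 6to4 (RFC 3056): IPv4 in bits 16-47
		return netip.AddrFrom4([4]byte{b[2], b[3], b[4], b[5]}), true
	case netip.MustParsePrefix("64:ff9b::/96").Contains(addr),
		netip.MustParsePrefix("64:ff9b:1::/48").Contains(addr): // NAT64 (RFC 6052 / 8215): IPv4 in low 32 bits
		return netip.AddrFrom4([4]byte{b[12], b[13], b[14], b[15]}), true
	}
	return netip.Addr{}, false
}

// isBlocked is the stdlib deny-list from the advisory plus the deprecated
// site-local range (RFC 3879), which no stdlib helper covers.
func isBlocked(addr netip.Addr) bool {
	return addr.IsLoopback() || addr.IsPrivate() || addr.IsLinkLocalUnicast() ||
		addr.IsLinkLocalMulticast() || addr.IsUnspecified() || addr.IsMulticast() ||
		netip.MustParsePrefix("fec0::/10").Contains(addr)
}

// IsPublicIPHardened applies the deny-list to the address as written and, when
// it embeds an IPv4 address, to that inner destination as well.
func IsPublicIPHardened(addr netip.Addr) bool {
	if isBlocked(addr) {
		return false
	}
	if inner, ok := embeddedIPv4(addr); ok && isBlocked(inner) {
		return false
	}
	return true
}

func main() {
	// Constructed sample inputs: the advisory's IMDS wrappers plus two genuinely public addresses.
	for _, s := range []string{"2002:a9fe:a9fe::", "64:ff9b::a9fe:a9fe", "64:ff9b:1::7f00:1", "fec0::1", "2002:5db8:d822::", "93.184.216.34"} {
		fmt.Printf("%-20s public=%v\n", s, IsPublicIPHardened(netip.MustParseAddr(s)))
	}
}
```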
### PoC
```sh
cd poc/
./build.sh # docker build (~30s)
./run.sh # docker run — exits with code 1 (bug detected)
```
Expected output: `IsPublicIP(2002:a9fe:a9fe::) = true` — the function returns true for 3 addresses that wrap 169.254.169.254 (AWS IMDS). Full test file available via GHSA private comment on request.
### Impact
An unauthenticated attacker controlling a DNS AAAA record can tunnel gotenberg's outbou
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | axllent_mailpit | >= 0 < 1.30.2 | 1.30.2 |
| github.com | gotenberg_gotenberg_v8 | 0 – 8.32.0 | — |
GHSA
Mailpit: Incomplete SSRF protection in Link Check API via IPv6 transition mechanisms
ghsa·2026-06-19·CVSS 8.6
CVE-2026-55187 [HIGH] CWE-918 Mailpit: Incomplete SSRF protection in Link Check API via IPv6 transition mechanisms
## Summary
The remediation shipped in mailpit v1.29.2 for [GHSA-mpf7-p9x7-96r3](https://github.com/axllent/mailpit/security/advisories/GHSA-mpf7-p9x7-96r3) (CVE-2026-27808) is incomplete. The `tools.IsInternalIP` deny-list relies on Go's stdlib classification helpers (`IsLoopback`, `IsPrivate`, `IsLinkLocalUnicast`, `IsLinkLocalMulticast`, `IsUnspecified`, `IsMulticast`) plus an inline CGNAT range, but those helpers do **not** match two classes of IPv6 address that should be blocked for SSRF purposes:
1. **IPv6 forms that embed an IPv4 destination via documented translation mechanisms** — 6to4, NAT64, IPv4-compatible IPv6, ISATAP, or (in older Go versions) IPv4-mapped IPv6. These let an attacker reach i
VulDB
Gotenberg server-side request forgery
vuldb·2026-05-30
CVE-2026-45741 [CRITICAL] Gotenberg server-side request forgery
A vulnerability identified as critical has been detected in Gotenberg. This affects an unknown function. The manipulation leads to server-side request forgery.
This vulnerability is uniquely identified as CVE-2026-45741. The attack can be carried out remotely. No exploit exists.
GHSA
Gotenberg has an SSRF deny-list bypass in IsPublicIP via IPv6 6to4 / NAT64 / site-local prefixes
ghsa·2026-05-29·CVSS 6.3
CVE-2026-45741 [MEDIUM] CWE-184 Gotenberg has an SSRF deny-list bypass in IsPublicIP via IPv6 6to4 / NAT64 / site-local prefixes
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.