CVE-2026-36764

· NIST NVD ↗

A Server-Side Request Forgery (SSRF) in the /ureport/datasource/testConnection endpoint of SpringBlade v4.8.0 allows authenticated attackers to scan internal resources via a crafted GET request.

MEDIUM

CVSS severity

CVSS base score

2026-04-30

Published

CWE codes

CWE-918

Sources

NIST NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-36764