CVE-2026-0613
Published: 16 January 2026
Summary
CVE-2026-0613 is a high-severity SSRF (CWE-918) vulnerability in Thelibrarian The Librarian. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 4.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-7 (Boundary Protection) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2026-0613 is a server-side request forgery (SSRF) vulnerability, classified under CWE-918, affecting The Librarian software. It stems from the `web_fetch` tool, which enables SSRF-style GET requests to internal IP addresses and services, allowing internal port scanning within the Hetzner cloud environment used by TheLibrarian. The vulnerability received a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) and was published on 2026-01-16.
Any unauthenticated attacker with network access can exploit this vulnerability due to its low complexity and lack of required privileges. Successful exploitation allows the attacker to perform port scanning of internal services in the Hetzner cloud, potentially leading to high confidentiality impacts by revealing sensitive internal network details without affecting integrity or availability.
The vendor has addressed the issue by fixing it in all affected versions of The Librarian. Additional details are available in the Mindgard disclosure at https://mindgard.ai/blog/thelibrarian-ios-ai-security-disclosure and on the vendor site at https://thelibrarian.io/.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-2942
Vulnerability details
The Librarian contains an internal port scanning vulnerability, facilitated by the `web_fetch` tool, which can be used with SSRF-style behavior to perform GET requests to internal IP addresses and services, enabling scanning of the Hertzner cloud environment that TheLibrarian uses.…
more
The vendor has fixed the vulnerability in all affected versions.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
SSRF vuln in public-facing app directly enables exploitation via T1190 and facilitates internal network/port scanning via T1046.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Validates web_fetch inputs (URLs) to reject requests targeting internal IP addresses or services, directly blocking the SSRF vector.
Enforces boundary controls that deny the application server from initiating outbound connections to internal Hetzner cloud hosts and ports.
Implements information flow policies that can restrict the web_fetch tool from sending GET requests across security domains to internal resources.