CVE-2026-30834
Published: 07 March 2026
Summary
CVE-2026-30834 is a high-severity SSRF (CWE-918) vulnerability in PinchTab, from the vendor Pinchtab. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked at the 5.7th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
This vulnerability is AI-related and is categorised as Other AI Platforms.
Threat & Defense Details
Likely Mitigating Controls (AI-generated)
Per-CVE control mapping for this CVE has not yet been run; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
- Penetration testing that attempts server-side requests to internal resources identifies SSRF weaknesses for remediation.
- Outbound connections to external resources can be monitored and limited at the network boundary, reducing the impact of SSRF.
- Validation of server-side URLs and resource references blocks SSRF attempts before the request is issued.
- Monitoring for unexpected outbound connections from the server detects server-side request forgery in progress.
MITRE ATT&CK Enterprise Techniques (AI-generated)
Why these techniques?
SSRF in the public /download endpoint directly enables T1190 (Exploit Public-Facing Application; no authentication is required). It also allows file:// retrieval of local files (T1005, Data from Local System) and forced requests to internal IPs and services, which supports Remote System Discovery (T1018) and Network Service Discovery (T1046).
NVD Description
PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. Prior to version 0.7.7, a Server-Side Request Forgery (SSRF) vulnerability in the /download endpoint allows any user with API access to induce the PinchTab server to make requests to arbitrary URLs, including internal network services and local system files, and exfiltrate the full response content. This issue has been patched in version 0.7.7.
Deeper analysis (AI-generated)
CVE-2026-30834 is a Server-Side Request Forgery (SSRF) vulnerability, classified under CWE-918, affecting PinchTab versions prior to 0.7.7. PinchTab is a standalone HTTP server designed to provide AI agents with direct control over a Chrome browser. The flaw resides in the /download endpoint, which fails to properly validate user-supplied URLs, enabling SSRF attacks. It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), reflecting high confidentiality impact with no requirements for authentication, user interaction, or privileges.
Any remote attacker with API access to a vulnerable PinchTab instance can exploit this issue by sending crafted requests to the /download endpoint. This allows the attacker to force the server to issue HTTP requests to arbitrary destinations, such as internal network services or local system files via protocols like file://, and retrieve the full response content for exfiltration. Successful exploitation could lead to unauthorized access to sensitive internal resources without impacting integrity or availability.
The vulnerability has been addressed in PinchTab version 0.7.7, as detailed in the GitHub security advisory at https://github.com/pinchtab/pinchtab/security/advisories/GHSA-rw8p-c6hf-q3pg. Security practitioners should upgrade to the patched version and review API access controls to mitigate risks, particularly in environments where AI agents interact with browser automation tools.
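As an added illustration of the server-side URL validation and outbound-connection controls listed above, and of the access-control review recommended here, the Go program below shows the kind of hardened URL check a download endpoint needs before fetching on a caller's behalf. It is example code written for this page, not PinchTab's code or its 0.7.7 fix; the function names, the injected Resolver, the chosen blocked ranges and the constructed hostnames and addresses (example.test, intranet.test, 203.0.113.10, 10.0.0.5) are all assumptions. It goes beyond the page's file:// and internal-IP cases by also re-checking redirect hops and pinning the connection to the address that was vetted, which closes the common redirect and DNS-rebinding bypasses of a naive check.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"net"
	"net/http"
	"net/url"
	"strings"
)

// Ranges a browser-automation server must never fetch for an API caller:
// loopback, RFC 1918, link-local, CGNAT, unspecified and the IPv6 equivalents.
// IPNet.Contains unwraps IPv4-mapped IPv6, so ::ffff:127.0.0.1 hits 127.0.0.0/8.
var blockedNets = mustParseCIDRs("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12",
	"192.168.0.0/16", "169.254.0.0/16", "100.64.0.0/10", "0.0.0.0/8",
	"::1/128", "::/128", "fc00::/7", "fe80::/10")

func mustParseCIDRs(cidrs ...string) []*net.IPNet {
	nets := make([]*net.IPNet, 0, len(cidrs))
	for _, c := range cidrs {
		_, n, err := net.ParseCIDR(c)
		if err != nil {
			panic(err)
		}
		nets = append(nets, n)
	}
	return nets
}

// Resolver is injected (assumption) so the check can run without network access;
// production code would wrap net.DefaultResolver.LookupIPAddr.
type Resolver func(host string) ([]net.IP, error)

func isBlockedIP(ip net.IP) bool {
	for _, n := range blockedNets {
		if n.Contains(ip) {
			return true
		}
	}
	return false
}

// ValidateDownloadURL allows only http/https, resolves the host and rejects any
// address in a blocked range. The vetted addresses are returned so the caller
// can connect to exactly what was checked.
func ValidateDownloadURL(raw string, resolve Resolver) (*url.URL, []net.IP, error) {
	u, err := url.Parse(raw)
	if err != nil {
		return nil, nil, err
	}
	if s := strings.ToLower(u.Scheme); s != "http" && s != "https" {
		return nil, nil, fmt.Errorf("scheme %q not allowed", u.Scheme)
	}
	host := u.Hostname()
	if host == "" {
		return nil, nil, errors.New("empty host")
	}
	var ips []net.IP
	if ip := net.ParseIP(host); ip != nil {
		ips = []net.IP{ip}
	} else if ips, err = resolve(host); err != nil {
		return nil, nil, err
	}
	if len(ips) == 0 {
		return nil, nil, errors.New("host resolved to no addresses")
	}
	for _, ip := range ips {
		if isBlockedIP(ip) {
			return nil, nil, fmt.Errorf("%s resolves to blocked address %s", host, ip)
		}
	}
	return u, ips, nil
}

// NewDownloadClient re-validates every redirect hop and dials only an address
// vetted at connect time, so neither a redirect nor a DNS answer that changes
// between check and use can point the fetch at an internal service.
func NewDownloadClient(resolve Resolver) *http.Client {
	dialer := &net.Dialer{}
	dial := func(ctx context.Context, network, addr string) (net.Conn, error) {
		host, port, err := net.SplitHostPort(addr)
		if err != nil {
			return nil, err
		}
		_, ips, err := ValidateDownloadURL("http://"+net.JoinHostPort(host, port), resolve)
		if err != nil {
			return nil, err
		}
		return dialer.DialContext(ctx, network, net.JoinHostPort(ips[0].String(), port))
	}
	redirect := func(req *http.Request, via []*http.Request) error {
		if len(via) >= 5 {
			return errors.New("too many redirects")
		}
		_, _, err := ValidateDownloadURL(req.URL.String(), resolve)
		return err
	}
	return &http.Client{Transport: &http.Transport{DialContext: dial}, CheckRedirect: redirect}
}
```

A handler would call ValidateDownloadURL on the caller-supplied URL, return 400 on error, and only then issue the request through NewDownloadClient; the scheme allowlist is what removes the file:// path, and the dial-time check is what keeps a hostname that later resolves to an internal address from slipping past a one-time validation. Pairing this with the boundary egress filtering listed under the mitigating controls gives a second layer that does not depend on the application code being correct.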
Details
- CWE(s): CWE-918 (Server-Side Request Forgery)
- Affected Products: PinchTab versions prior to 0.7.7
AI Security Analysis (AI-generated)
- AI Category: Other AI Platforms
- Risk Domain: N/A
- OWASP Top 10 for LLMs 2025: None mapped
- Classification Reason: Matched keywords: ai