Cyber Posture

CVE-2026-33182

High

Published: 26 March 2026

Published
26 March 2026
Modified
30 March 2026
KEV Added
Patch
CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.0003 8.8th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-33182 is a high-severity Insufficiently Protected Credentials (CWE-522) vulnerability in Saloon Saloon. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 8.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Directly remediates the SSRF flaw in Saloon by requiring timely upgrades to version 4.0.0 or later, where absolute URLs in endpoints are rejected.

SI-10 Information Input Validation good match
prevent

Requires validation of user-influenced endpoint inputs to ensure they are not absolute URLs, preventing SSRF and credential leakage to attacker-controlled hosts.

SC-7 Boundary Protection partial match
preventdetect

Monitors and controls outbound communications at system boundaries, blocking unauthorized requests to attacker-controlled hosts exploited via SSRF.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
T1528 Steal Application Access Token Credential Access
Adversaries can steal application access tokens as a means of acquiring credentials to access remote systems and resources.
attack.mitre.org →
Why these techniques?

SSRF in a public-facing API library directly enables initial access via exploitation of user-controlled endpoints (T1190); the same flaw causes attached auth headers/tokens to be sent to an attacker host, enabling theft of application access tokens (T1528).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Saloon is a PHP library that gives users tools to build API integrations and SDKs. Prior to version 4.0.0, when building the request URL, Saloon combined the connector's base URL with the request endpoint. If the endpoint was a valid…

more

absolute URL, the code used that URL as-is and ignored the base URL. The request—and any authentication headers, cookies, or tokens attached by the connector—was then sent to the attacker-controlled host. If the endpoint could be influenced by user input or configuration (e.g. redirect_uri, callback URL), this allowed server-side request forgery (SSRF) and/or credential leakage to a third-party host. The fix in version 4.0.0 is to reject absolute URLs in the endpoint: URLHelper::join() throws InvalidArgumentException when the endpoint is a valid absolute URL, unless explicitly allowed, requiring callers to opt-in to the functionality on a per-connector or per-request basis.

Deeper analysisAI

CVE-2026-33182 is a server-side request forgery (SSRF) vulnerability in Saloon, a PHP library used for building API integrations and SDKs. In versions prior to 4.0.0, Saloon's URL construction logic combines the connector's base URL with the request endpoint. However, if the endpoint is a valid absolute URL, the library uses it as-is, bypassing the base URL and sending the request—along with any attached authentication headers, cookies, or tokens—to the attacker-controlled host. This issue arises when the endpoint can be influenced by user input or configuration, such as redirect_uri or callback URLs, and is associated with CWE-522 (Insufficiently Protected Credentials) and CWE-918 (SSRF).

The vulnerability can be exploited by unauthenticated attackers over the network with low complexity and no user interaction required, as indicated by its CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). An attacker who can control or inject an absolute URL into the endpoint parameter—via user-supplied input, configuration files, or dynamic endpoints—can trick the application into making requests to arbitrary hosts. This enables SSRF to access internal services and potential leakage of sensitive credentials to third-party hosts under attacker control.

Mitigation is addressed in Saloon version 4.0.0, where the URLHelper::join() method now rejects absolute URLs in the endpoint by throwing an InvalidArgumentException, unless explicitly allowed via opt-in on a per-connector or per-request basis. Security practitioners should upgrade to 4.0.0 or later and review integrations for endpoint sources. Details are available in the Saloon upgrade guide from v3 to v4 at https://docs.saloon.dev/upgrade/upgrading-from-v3-to-v4 and the GitHub security advisory at https://github.com/saloonphp/saloon/security/advisories/GHSA-c83f-3xp6-hfcp.

Details

CWE(s)
CWE-522CWE-918

Affected Products

saloon
saloon
≤ 4.0.0

CVEs Like This One

CVE-2026-33942Same product: Saloon Saloon
CVE-2026-33183Same product: Saloon Saloon
CVE-2026-33540Shared CWE-918
CVE-2026-34076Shared CWE-918
CVE-2026-41323Shared CWE-918
CVE-2026-7025Shared CWE-918
CVE-2025-21385Shared CWE-918
CVE-2025-52362Shared CWE-918
CVE-2026-31317Shared CWE-918
CVE-2026-5016Shared CWE-918

References