CVE-2026-34576
Published: 02 April 2026
Summary
CVE-2026-34576 is a high-severity SSRF (CWE-918) vulnerability in Gitroom Postiz. Its CVSS base score is 7.7 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 12.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
This vulnerability is AI-related — categorised as Other AI Platforms.
The strongest mitigations our analysis identified are NIST 800-53 SC-7 (Boundary Protection) and SI-10 (Information Input Validation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Requires validation of user-supplied URLs to ensure they do not target internal resources, directly preventing SSRF exploitation in the upload-from-url endpoint.
Monitors and controls communications at system boundaries to block unauthorized outbound requests to internal networks, cloud metadata, and services.
Enforces information flow control policies that restrict application-initiated requests to approved external destinations only, mitigating SSRF access to internals.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
SSRF in public-facing /upload-from-url endpoint enables T1190 (exploiting public app for remote access); direct fetch of cloud instance metadata enables T1522; probing internal network resources enables T1046 (network service discovery).
NVD Description
Postiz is an AI social media scheduling tool. Prior to version 2.21.3, the POST /public/v1/upload-from-url endpoint accepts a user-supplied URL and fetches it server-side using axios.get() with no SSRF protections. The only validation is a file extension check (.png, .jpg,…
more
etc.) which is trivially bypassed by appending an image extension to any URL path. An authenticated API user can fetch internal network resources, cloud instance metadata, and other internal services, with the response data uploaded to storage and returned to the attacker. This issue has been patched in version 2.21.3.
Deeper analysisAI
CVE-2026-34576 is a Server-Side Request Forgery (SSRF) vulnerability, classified under CWE-918, affecting Postiz, an AI-powered social media scheduling tool. In versions prior to 2.21.3, the POST /public/v1/upload-from-url endpoint allows authenticated users to supply a URL that the server fetches via axios.get() without any SSRF protections. The sole validation—a check for image file extensions like .png or .jpg—is easily bypassed by appending such an extension to any URL path.
An authenticated API user with low privileges (PR:L) can exploit this vulnerability remotely (AV:N) with low complexity (AC:L) and no user interaction (UI:N). Successful exploitation enables the attacker to fetch internal network resources, cloud instance metadata, and other internal services. The fetched response data is then uploaded to storage and returned directly to the attacker, resulting in high confidentiality impact (C:H) with a changed scope (S:C), as reflected in the CVSS v3.1 base score of 7.7.
The vulnerability has been patched in Postiz version 2.21.3. Security practitioners should upgrade to this version immediately. Additional details are available in the GitHub security advisory at https://github.com/gitroomhq/postiz-app/security/advisories/GHSA-89vp-m2qw-7v34 and the release notes at https://github.com/gitroomhq/postiz-app/releases/tag/v2.21.3.
Details
- CWE(s)
Affected Products
AI Security AnalysisAI
- AI Category
- Other AI Platforms
- Risk Domain
- N/A
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Matched keywords: ai