Cyber Resilience

CVE-2026-40168

Severity: High · Public PoC

Published: 10 April 2026
Modified: 14 April 2026
KEV Added: not listed
Patch: available (2.21.5)
CVSS Score v3.1: 8.2 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L)
EPSS Score: 0.0037 (28.9th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-40168 is a high-severity SSRF (CWE-918) vulnerability in Gitroom Postiz. Its CVSS base score is 8.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). EPSS ranks the vulnerability at the 28.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

This vulnerability is tagged as AI-related: category LLM Application Platforms, risk domain Supply Chain and Deployment.

The strongest mitigations our analysis identified are NIST 800-53 AC-4 (Information Flow Enforcement) and SC-7 (Boundary Protection).

Deeper analysis

CVE-2026-40168 is a Server-Side Request Forgery (SSRF) vulnerability, classified under CWE-918, affecting Postiz, an AI social media scheduling tool, in versions prior to 2.21.5. The issue exists in the /api/public/stream endpoint, where the application validates the initially supplied URL to block direct requests to private or internal hosts but does not re-validate the final destination following HTTP redirects. This flaw enables attackers to provide a public HTTPS URL that passes initial validation and subsequently redirects the server-side request to an internal resource. The vulnerability carries a CVSS v3.1 base score of 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L), indicating high severity due to significant confidentiality risks.

Unauthenticated attackers can exploit this vulnerability remotely with low complexity and no user interaction required. By submitting a specially crafted request to the /api/public/stream endpoint containing a public HTTPS URL that redirects to an internal host, attackers can compel the Postiz server to fetch internal resources. Successful exploitation primarily yields high confidentiality impact by exposing sensitive internal data, with a lesser availability impact potentially from resource exhaustion.

Mitigation is available via an upgrade to Postiz version 2.21.5, which includes the fix implemented in commit 30e8b777098157362769226d1b46d83ad616cb06. Additional details on the patch and remediation steps are provided in the GitHub Security Advisory GHSA-34w8-5j2v-h6ww and the corresponding release notes.


Vulnerability details

Postiz is an AI social media scheduling tool. Prior to 2.21.5, the /api/public/stream endpoint is vulnerable to SSRF. Although the application validates the initially supplied URL and blocks direct private/internal hosts, it does not re-validate the final destination after HTTP redirects. As a result, an attacker can supply a public HTTPS URL that passes validation and then redirects the server-side request to an internal resource.
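The root cause described in the Deeper analysis and Vulnerability details sections is a fetcher that checks only the URL the client supplied and then lets the HTTP client follow redirects on its own. The following is an added example, written for this page and not Postiz code or the upstream fix, of a server-side fetcher that disables automatic redirects and runs the same destination check on every hop, including relative Location headers, IP literals and IPv4-mapped IPv6 addresses. The hostnames, addresses and the in-memory stand-ins for `fetch` and `dns.promises.lookup` (`demoOptions.fetchImpl`, `demoOptions.resolve`) are constructed for the example; in production they would be the real global `fetch` and a DNS lookup.

```javascript
// Added example, not Postiz code: a server-side fetcher that validates the
// destination on every redirect hop, not just the URL the client supplied.
// Ranges a server-side fetcher must never contact: "this host", RFC 1918,
// CGNAT, loopback, link-local (incl. cloud metadata), multicast, reserved.
const BLOCKED_V4 = [
  ['0.0.0.0', 8], ['10.0.0.0', 8], ['100.64.0.0', 10], ['127.0.0.0', 8],
  ['169.254.0.0', 16], ['172.16.0.0', 12], ['192.168.0.0', 16],
  ['224.0.0.0', 4], ['240.0.0.0', 4],
];

// Returns the four octets of a dotted-quad IPv4 literal, or null.
function parseIPv4(s) {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(s);
  if (!m) return null;
  const octets = m.slice(1).map(Number);
  return octets.every((o) => o <= 255) ? octets : null;
}

function ipv4ToInt(octets) { return octets.reduce((acc, o) => (acc << 8) + o, 0) >>> 0; }

function inCidr(octets, base, bits) {
  const mask = bits === 0 ? 0 : (0xffffffff << (32 - bits)) >>> 0;
  return ((ipv4ToInt(octets) & mask) >>> 0) === ((ipv4ToInt(parseIPv4(base)) & mask) >>> 0);
}

// true when an address the name resolved to must not be contacted.
function isBlockedAddress(ip) {
  const v4 = parseIPv4(ip);
  if (v4) return BLOCKED_V4.some(([base, bits]) => inCidr(v4, base, bits));
  if (ip.includes(':')) {
    const v6 = ip.toLowerCase();
    const mapped = /^::ffff:(\d+\.\d+\.\d+\.\d+)$/.exec(v6); // IPv4-mapped, e.g. ::ffff:127.0.0.1
    if (mapped) return isBlockedAddress(mapped[1]);
    if (v6 === '::1' || v6 === '::') return true;             // loopback, unspecified
    return /^f[cd]/.test(v6) || /^fe[89ab]/.test(v6);         // fc00::/7 ULA, fe80::/10 link-local
  }
  return true; // not an IP literal at all: refuse rather than guess
}

// Checks one URL before it is requested. `resolve(hostname)` returns the addresses the
// name maps to (dns.promises.lookup with {all: true} in real code; injected here so it runs offline).
async function validateTarget(urlString, resolve) {
  let url;
  try { url = new URL(urlString); } catch { return { ok: false, reason: 'unparseable URL' }; }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') {
    return { ok: false, reason: `scheme ${url.protocol} not allowed` };
  }
  const host = url.hostname.replace(/^\[|\]$/g, ''); // WHATWG URL keeps IPv6 brackets
  if (host === 'localhost' || host.endsWith('.localhost')) return { ok: false, reason: 'localhost' };
  const isLiteral = parseIPv4(host) !== null || host.includes(':');
  const addrs = isLiteral ? [host] : await resolve(host);
  if (addrs.length === 0) return { ok: false, reason: `${host} does not resolve` };
  const bad = addrs.find(isBlockedAddress);
  return bad ? { ok: false, reason: `${host} resolves to blocked address ${bad}` } : { ok: true };
}

// Follows redirects by hand so every hop goes through validateTarget. `fetchImpl` is the global
// fetch in real code (redirect: 'manual' makes Node's fetch return the 3xx instead of following it).
async function safeFetch(startUrl, { fetchImpl, resolve, maxRedirects = 5 }) {
  let current = startUrl;
  for (let hop = 0; hop <= maxRedirects; hop++) {
    const verdict = await validateTarget(current, resolve);
    if (!verdict.ok) return { ok: false, hop, url: current, reason: verdict.reason };
    const res = await fetchImpl(current, { redirect: 'manual' });
    const location = res.status >= 300 && res.status < 400 ? res.headers.get('location') : null;
    if (!location) return { ok: true, hop, url: current, response: res };
    current = new URL(location, current).href; // Location may be relative
  }
  return { ok: false, hop: maxRedirects, url: current, reason: 'too many redirects' };
}

// Constructed scenario: a public host whose open redirect points inward.
const DEMO_DNS = { 'cdn.example': ['203.0.113.10'], 'intranet.example': ['10.0.0.5'] };
const DEMO_HTTP = {
  'https://cdn.example/feed':    { status: 200, body: 'public content' },
  'https://cdn.example/go?to=a': { status: 302, headers: { location: 'http://intranet.example/admin' } },
  'https://cdn.example/go?to=b': { status: 302, headers: { location: 'http://127.0.0.1:8080/' } },
  'https://cdn.example/go?to=c': { status: 301, headers: { location: '/feed' } }, // relative, still public
  'https://cdn.example/loop':    { status: 302, headers: { location: '/loop' } },
};
const demoOptions = {
  resolve: async (host) => DEMO_DNS[host] || [],
  fetchImpl: async (url) => {
    const hit = DEMO_HTTP[url];
    if (!hit) throw new Error('unexpected outbound request: ' + url);
    return { status: hit.status, headers: new Map(Object.entries(hit.headers || {})), body: hit.body };
  },
};

// Runs every demo URL through safeFetch and returns the verdicts keyed by path.
async function demo() {
  const out = {};
  for (const path of ['feed', 'go?to=a', 'go?to=b', 'go?to=c', 'loop']) {
    out[path] = await safeFetch('https://cdn.example/' + path, demoOptions);
  }
  return out;
}

demo().then((r) => Object.entries(r).forEach(([p, v]) =>
  console.log(p.padEnd(8), v.ok ? 'fetched ' + v.url : `blocked at hop ${v.hop}: ${v.reason}`)));
```

Two caveats a reviewer would raise on this kind of guard. First, the WHATWG URL parser normalizes shorthand IPv4 forms (`127.1`, decimal or hex integers) to dotted quads before `parseIPv4` sees them, which is why the check is done on `url.hostname` rather than on the raw string. Second, resolving the name in `validateTarget` and then letting the HTTP client resolve it again leaves a DNS-rebinding window; closing it requires pinning the connection to the address that was validated (a custom lookup on the HTTP agent), which this example does not do. Neither caveat changes the remediation for Postiz itself, which is the upgrade to 2.21.5.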

CWE(s)

CWE-918 Server-Side Request Forgery (SSRF)

AI Security Analysis

AI Category: LLM Application Platforms
Risk Domain: Supply Chain and Deployment
OWASP Top 10 for LLMs 2025: None mapped
Classification Reason: Matched keywords: ai

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

SSRF in public-facing /api/public/stream endpoint enables remote unauthenticated exploitation of the web application to access internal resources.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-34577 (same product: Gitroom Postiz)
CVE-2026-34576 (same product: Gitroom Postiz)
CVE-2026-40487 (same product: Gitroom Postiz)
CVE-2026-42556 (same product: Gitroom Postiz)
CVE-2026-42298 (same product: Gitroom Postiz)
CVE-2026-45401 (shared CWE-918)
CVE-2025-69222 (shared CWE-918)
CVE-2024-11030 (shared CWE-918)
CVE-2026-3789 (shared CWE-918)
CVE-2024-12779 (shared CWE-918)

Affected Assets

Vendor: gitroom
Product: postiz
Versions: ≤ 2.21.5

Mitigating Controls

Mitigating Controls (NIST 800-53 r5)

SI-10 Information Input Validation (prevent): mandates validation of information inputs such as URLs, directly addressing the failure to re-validate destinations after HTTP redirects in the SSRF vulnerability.

AC-4 Information Flow Enforcement (prevent): enforces information flow control policies that prevent unauthorized access to internal resources by blocking flows initiated via SSRF redirects.

SC-7 Boundary Protection (prevent): provides boundary protection to monitor and control outbound communications from the application, blocking SSRF requests to internal hosts.
