CVE-2026-5469
Published: 03 April 2026
Summary
CVE-2026-5469 is a medium-severity server-side request forgery (SSRF, CWE-918) vulnerability in Casbin Casdoor. The headline CVSS base score is 5.1 (Medium); note that the CVSS v3.1 vector string quoted in the deeper analysis below evaluates to 4.7, which is also Medium, so the two figures differ in number but not in band.
Operationally, it ranks at the 14.5th percentile for exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-4 (Information Flow Enforcement) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2026-5469 is a server-side request forgery (SSRF) vulnerability, classified under CWE-918, in Casdoor version 2.356.0. The affected code is an unspecified part of the Webhook URL Handler component: a manipulated webhook URL causes the Casdoor server to issue an outbound request to a destination of the attacker's choosing. Published on 2026-04-03, it carries a CVSS v3.1 base score of 4.7 (AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L); that vector string does evaluate to 4.7, so it differs from the 5.1 headline score in the summary, although both fall in the Medium band.
The attack is launched remotely over the network (AV:N) with low complexity (AC:L) and no user interaction (UI:N), but it requires an authenticated account with high privileges (PR:H), in practice an account able to configure webhook URLs. Successful exploitation yields SSRF with low impact on confidentiality, integrity and availability (C:L/I:L/A:L) and no scope change (S:U). The low per-metric impact reflects the scoring model rather than the practical stakes: as with any SSRF, the concern is that the identity server becomes a pivot for reaching internal services or cloud metadata endpoints the attacker cannot reach directly, and a compromised administrator account or a malicious insider is enough to trigger it.
VulDB advisories note that the vendor was contacted early about this disclosure but did not respond. The referenced sources describe no patch or mitigation, and 2.356.0 is the only version they name as affected; whether earlier or later releases are affected or fixed is not stated, so check the vendor's release notes before assuming either.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-18658
Vulnerability details
A weakness has been identified in Casdoor 2.356.0. This vulnerability affects unknown code of the component Webhook URL Handler. Executing a manipulation can lead to server-side request forgery. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
- CWE(s): CWE-918 (Server-Side Request Forgery)
Related Threats
MITRE ATT&CK Enterprise Techniques
Insufficient information to map techniques.
Affected Assets
Casdoor 2.356.0 (no other version is named as affected or fixed in the referenced sources)
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): Validate and sanitize webhook URL inputs to block SSRF by enforcing allowlisted schemes, hosts, and paths. For SSRF this also means rejecting URLs whose host is, or resolves to, a loopback, private, link-local or cloud-metadata address, and repeating that check at connect time so a DNS record that changes after validation (DNS rebinding) cannot bypass it.
- AC-4 (Information Flow Enforcement): Enforce approved information flows so that the Webhook URL Handler can initiate server-side requests only to authorized external destinations, never to internal resources.
- SC-7 (Boundary Protection): Monitor and control communications at system boundaries, with egress filtering on the Casdoor host or network segment, to restrict and detect anomalous outbound requests triggered by SSRF in the Webhook URL Handler.
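As an added illustration of the SI-10, AC-4 and SC-7 controls listed above, the following Go validator shows what "allowlisted schemes and hosts" plus "no requests to internal resources" look like in code. It is example code written for this page, not Casdoor's own code and not taken from the advisory. The names `hooks.example.com` and `rebind.example.net`, the 203.0.113.x and 10.0.0.5 addresses, and the `demoResolver` stub are all constructed so the example runs offline; production code would pass `net.LookupIP` as the resolver. The validator enforces an https-only scheme and an optional host allowlist, refuses any literal or resolved address in loopback, private, link-local, multicast, unspecified or shared address space (which covers cloud metadata endpoints such as 169.254.169.254 and IPv4-mapped IPv6 forms such as ::ffff:127.0.0.1), and includes a `net.Dialer.Control` hook that repeats the address check at connect time, closing the DNS-rebinding gap that a validate-once design leaves open.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/url"
	"strings"
	"syscall"
)

// Resolver is injectable so the check runs offline against a stub; production passes net.LookupIP.
type Resolver func(host string) ([]net.IP, error)

// WebhookPolicy: approved hosts plus the resolver used to confirm a name does not map inward.
type WebhookPolicy struct {
	AllowedHosts []string // exact hosts or ".example.com" suffixes; empty = any public host
	Resolve      Resolver // must be set; Validate calls it for every non-literal host
}

// isPublicIP rejects every range an SSRF would use to reach the server itself, its LAN or a
// cloud metadata endpoint. To4 unwraps IPv4-mapped IPv6, so ::ffff:127.0.0.1 is caught too.
func isPublicIP(ip net.IP) bool {
	if ip.IsLoopback() || ip.IsPrivate() || ip.IsLinkLocalUnicast() ||
		ip.IsLinkLocalMulticast() || ip.IsMulticast() || ip.IsUnspecified() {
		return false
	}
	if ip4 := ip.To4(); ip4 != nil && (ip4[0] == 0 || (ip4[0] == 100 && ip4[1]&0xc0 == 64)) {
		return false // 0.0.0.0/8 and 100.64.0.0/10 (shared address space) are not in IsPrivate
	}
	return true
}

func (p WebhookPolicy) hostAllowed(host string) bool {
	for _, a := range p.AllowedHosts {
		a = strings.ToLower(a)
		if host == a || (strings.HasPrefix(a, ".") && strings.HasSuffix(host, a)) {
			return true
		}
	}
	return len(p.AllowedHosts) == 0 // an empty allowlist means any public host
}

// Validate accepts an admin-supplied webhook URL only if scheme, host allowlist and every
// address the host maps to all pass. The URL is never fetched here.
func (p WebhookPolicy) Validate(raw string) (*url.URL, error) {
	u, err := url.Parse(raw)
	if err != nil {
		return nil, fmt.Errorf("webhook URL: %w", err)
	}
	if u.Scheme != "https" {
		return nil, fmt.Errorf("webhook URL: scheme %q not allowed", u.Scheme)
	}
	host := strings.ToLower(u.Hostname()) // Hostname strips [] from IPv6 literals
	if host == "" || !p.hostAllowed(host) {
		return nil, fmt.Errorf("webhook URL: host %q not allowed", host)
	}
	ips := []net.IP{net.ParseIP(host)} // literal IP: check it directly
	if ips[0] == nil {                 // hostname: every resolved address must pass
		if ips, err = p.Resolve(host); err != nil || len(ips) == 0 {
			return nil, fmt.Errorf("webhook URL: cannot resolve %q", host)
		}
	}
	for _, ip := range ips {
		if !isPublicIP(ip) {
			return nil, fmt.Errorf("webhook URL: %q maps to non-public address %s", host, ip)
		}
	}
	return u, nil
}

// guardDial is a net.Dialer.Control hook. address is already "ip:port", so re-checking it
// here closes the DNS-rebinding window between Validate and the actual request.
func guardDial(_, address string, _ syscall.RawConn) error {
	host, _, err := net.SplitHostPort(address)
	if ip := net.ParseIP(host); err != nil || ip == nil || !isPublicIP(ip) {
		return fmt.Errorf("dial to %s blocked", address)
	}
	return nil
}

// demoTable stands in for DNS; every name and address in it is constructed for this example.
var demoTable = map[string][]net.IP{
	"hooks.example.com":  {net.ParseIP("203.0.113.10")},
	"rebind.example.net": {net.ParseIP("203.0.113.20"), net.ParseIP("10.0.0.5")}, // public + internal
}

func demoResolver(host string) ([]net.IP, error) {
	if ips, ok := demoTable[host]; ok {
		return ips, nil
	}
	return nil, errors.New("no such host")
}

func main() {
	p := WebhookPolicy{Resolve: demoResolver}
	_, err := p.Validate("https://rebind.example.net/") // public name that also has an internal record
	fmt.Println(err)
}
```

To close the remaining gaps, install `guardDial` as the `Control` field of the `net.Dialer` behind the webhook HTTP client and set the client's `CheckRedirect` to return `http.ErrUseLastResponse`, so an allowed public host cannot redirect the delivery to an internal one; both are standard `net/http` settings, not Casdoor-specific APIs. Note that `rebind.example.net` is rejected even though its first record is public: a host that maps to any internal address is refused outright, because the attacker controls which record the resolver returns.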