CVE-2026-10052: Server-Side Request Forgery (SSRF) in Red Hat Red Hat Quay 3
CVE-2026-10052 is a Server-Side Request Forgery (SSRF) vulnerability in Red Hat Quay 3's config-tool LDAP and SMTP validation functions. An attacker with config editor privileges can exploit this flaw to make outbound connections to arbitrary user-supplied endpoints without proper filtering. This enables internal network reconnaissance from the Quay pod's network position. The vulnerability has a CVSS score of 4. 1, indicating medium severity. No official patch or remediation level has been confirmed as of the published advisory date. There are no known exploits in the wild.
AI Analysis
Technical Summary
This vulnerability arises from insufficient validation in the LDAP and SMTP validation functions of Red Hat Quay 3's config-tool. Specifically, these functions perform outbound network requests to user-supplied endpoints without adequate IP or host filtering, allowing an attacker with configuration editor access to conduct SSRF attacks. The attacker can leverage this to map internal network infrastructure from the perspective of the Quay pod. The CVSS vector indicates the attack requires network access and privileges (PR:H), does not require user interaction, and impacts confidentiality with limited scope and no integrity or availability impact.
Potential Impact
The impact is limited to internal network reconnaissance, potentially exposing internal network topology information to an attacker with configuration editor access. There is no direct impact on data integrity or availability. Confidentiality impact is limited, as the attacker can only gather network information accessible from the Quay pod's network position. No known active exploitation has been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory at https://access.redhat.com/security/cve/CVE-2026-10052 for current remediation guidance. Until an official fix is available, restrict config editor access to trusted users only to prevent exploitation. Monitor Red Hat's advisory for updates on patches or official mitigations.
CVE-2026-10052: Server-Side Request Forgery (SSRF) in Red Hat Red Hat Quay 3
Description
CVE-2026-10052 is a Server-Side Request Forgery (SSRF) vulnerability in Red Hat Quay 3's config-tool LDAP and SMTP validation functions. An attacker with config editor privileges can exploit this flaw to make outbound connections to arbitrary user-supplied endpoints without proper filtering. This enables internal network reconnaissance from the Quay pod's network position. The vulnerability has a CVSS score of 4. 1, indicating medium severity. No official patch or remediation level has been confirmed as of the published advisory date. There are no known exploits in the wild.
CVSS v3.1
Score 4.1medium
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability arises from insufficient validation in the LDAP and SMTP validation functions of Red Hat Quay 3's config-tool. Specifically, these functions perform outbound network requests to user-supplied endpoints without adequate IP or host filtering, allowing an attacker with configuration editor access to conduct SSRF attacks. The attacker can leverage this to map internal network infrastructure from the perspective of the Quay pod. The CVSS vector indicates the attack requires network access and privileges (PR:H), does not require user interaction, and impacts confidentiality with limited scope and no integrity or availability impact.
Potential Impact
The impact is limited to internal network reconnaissance, potentially exposing internal network topology information to an attacker with configuration editor access. There is no direct impact on data integrity or availability. Confidentiality impact is limited, as the attacker can only gather network information accessible from the Quay pod's network position. No known active exploitation has been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory at https://access.redhat.com/security/cve/CVE-2026-10052 for current remediation guidance. Until an official fix is available, restrict config editor access to trusted users only to prevent exploitation. Monitor Red Hat's advisory for updates on patches or official mitigations.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-05-29T07:31:54.325Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/security/cve/CVE-2026-10052","vendor":"Red Hat"}]
Threat ID: 6a195686e29bf47b50c2697e
Added to database: 5/29/2026, 9:04:06 AM
Last enriched: 5/29/2026, 9:19:38 AM
Last updated: 5/29/2026, 5:19:35 PM
Views: 6
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.