CVE-2026-12975: Improper Restriction of XML External Entity Reference in Red Hat Red Hat build of Apicurio Registry 3
CVE-2026-12975 is a high-severity vulnerability in Red Hat build of Apicurio Registry 3 where the XML parser does not securely handle external entity references. This allows an attacker with artifact-write permission, or unauthenticated users if default settings are used, to upload crafted XML documents that can trigger blind server-side request forgery (SSRF) or cause denial of service via entity expansion.
AI Analysis
Technical Summary
The vulnerability arises from the ContentTypeUtil.isParsableXml() method in Apicurio Registry 3, which creates a SAXParserFactory without enabling secure processing or disabling external entity resolution. This improper restriction of XML external entity references enables attackers with certain permissions or unauthenticated access under default configuration to upload malicious XML that triggers SSRF by fetching external DTD/entities or causes denial of service through entity expansion. The CVSS v3.1 score is 8.5, indicating high severity with network attack vector, low attack complexity, requiring low privileges, no user interaction, and causing partial confidentiality impact and high availability impact. No official patch or remediation level is stated in the vendor advisory as of the published date. The vendor advisory URL is provided for ongoing updates.
Potential Impact
An attacker with artifact-write permission or unauthenticated users (under default configuration) can exploit this vulnerability to perform blind server-side request forgery (SSRF) by causing the server to fetch external entities defined in a crafted XML document. Additionally, the attacker can cause denial of service by triggering entity expansion attacks. This impacts confidentiality partially and causes high availability impact by potentially disrupting service.
Mitigation Recommendations
Patch status is not yet confirmed — check the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2026-12975 for current remediation guidance. Until an official fix is available, consider restricting artifact-write permissions and reviewing default configuration to prevent unauthenticated uploads of XML content. Avoid processing untrusted XML documents or disable external entity resolution in XML parsers if possible.
CVE-2026-12975: Improper Restriction of XML External Entity Reference in Red Hat Red Hat build of Apicurio Registry 3
Description
CVE-2026-12975 is a high-severity vulnerability in Red Hat build of Apicurio Registry 3 where the XML parser does not securely handle external entity references. This allows an attacker with artifact-write permission, or unauthenticated users if default settings are used, to upload crafted XML documents that can trigger blind server-side request forgery (SSRF) or cause denial of service via entity expansion.
CVSS v3.1
Score 8.5high
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability arises from the ContentTypeUtil.isParsableXml() method in Apicurio Registry 3, which creates a SAXParserFactory without enabling secure processing or disabling external entity resolution. This improper restriction of XML external entity references enables attackers with certain permissions or unauthenticated access under default configuration to upload malicious XML that triggers SSRF by fetching external DTD/entities or causes denial of service through entity expansion. The CVSS v3.1 score is 8.5, indicating high severity with network attack vector, low attack complexity, requiring low privileges, no user interaction, and causing partial confidentiality impact and high availability impact. No official patch or remediation level is stated in the vendor advisory as of the published date. The vendor advisory URL is provided for ongoing updates.
Potential Impact
An attacker with artifact-write permission or unauthenticated users (under default configuration) can exploit this vulnerability to perform blind server-side request forgery (SSRF) by causing the server to fetch external entities defined in a crafted XML document. Additionally, the attacker can cause denial of service by triggering entity expansion attacks. This impacts confidentiality partially and causes high availability impact by potentially disrupting service.
Mitigation Recommendations
Patch status is not yet confirmed — check the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2026-12975 for current remediation guidance. Until an official fix is available, consider restricting artifact-write permissions and reviewing default configuration to prevent unauthenticated uploads of XML content. Avoid processing untrusted XML documents or disable external entity resolution in XML parsers if possible.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-06-23T10:44:04.308Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/security/cve/CVE-2026-12975","vendor":"Red Hat"}]
Threat ID: 6a3d9e1b4853345fc17c67d2
Added to database: 06/25/2026, 21:31:07 UTC
Last enriched: 06/25/2026, 21:46:14 UTC
Last updated: 06/25/2026, 22:22:36 UTC
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.