CVE-2026-34746: CWE-918: Server-Side Request Forgery (SSRF) in payloadcms payload
PayloadCMS versions prior to 3. 79. 1 contain an authenticated Server-Side Request Forgery (SSRF) vulnerability in the upload functionality. Authenticated users with create or update permissions on upload-enabled collections can cause the server to make arbitrary outbound HTTP requests. This vulnerability has been addressed in version 3. 79. 1. The CVSS score is 7. 7, indicating high severity due to the potential for server-side request manipulation without impacting data integrity or availability directly.
AI Analysis
Technical Summary
CVE-2026-34746 describes an SSRF vulnerability (CWE-918) in PayloadCMS before version 3.79.1. The flaw allows authenticated users with specific upload permissions to trigger outbound HTTP requests from the server to arbitrary URLs via the upload feature. This can lead to information disclosure or interaction with internal network resources. The vulnerability requires authentication and privileges to create or update upload-enabled collections. The issue has been fixed in PayloadCMS version 3.79.1.
Potential Impact
An attacker with authenticated access and appropriate permissions can exploit this SSRF vulnerability to make the server perform HTTP requests to arbitrary external or internal URLs. This could potentially expose internal services or sensitive information accessible only from the server's network. The vulnerability does not directly affect data integrity or availability but poses a significant risk of information disclosure or network reconnaissance.
Mitigation Recommendations
Upgrade PayloadCMS to version 3.79.1 or later, where this SSRF vulnerability has been patched. No other mitigations are indicated or required once the official fix is applied.
CVE-2026-34746: CWE-918: Server-Side Request Forgery (SSRF) in payloadcms payload
Description
PayloadCMS versions prior to 3. 79. 1 contain an authenticated Server-Side Request Forgery (SSRF) vulnerability in the upload functionality. Authenticated users with create or update permissions on upload-enabled collections can cause the server to make arbitrary outbound HTTP requests. This vulnerability has been addressed in version 3. 79. 1. The CVSS score is 7. 7, indicating high severity due to the potential for server-side request manipulation without impacting data integrity or availability directly.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-34746 describes an SSRF vulnerability (CWE-918) in PayloadCMS before version 3.79.1. The flaw allows authenticated users with specific upload permissions to trigger outbound HTTP requests from the server to arbitrary URLs via the upload feature. This can lead to information disclosure or interaction with internal network resources. The vulnerability requires authentication and privileges to create or update upload-enabled collections. The issue has been fixed in PayloadCMS version 3.79.1.
Potential Impact
An attacker with authenticated access and appropriate permissions can exploit this SSRF vulnerability to make the server perform HTTP requests to arbitrary external or internal URLs. This could potentially expose internal services or sensitive information accessible only from the server's network. The vulnerability does not directly affect data integrity or availability but poses a significant risk of information disclosure or network reconnaissance.
Mitigation Recommendations
Upgrade PayloadCMS to version 3.79.1 or later, where this SSRF vulnerability has been patched. No other mitigations are indicated or required once the official fix is applied.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-03-30T19:17:10.224Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 69cd7b33e6bfc5ba1df49814
Added to database: 4/1/2026, 8:08:19 PM
Last enriched: 4/10/2026, 12:06:27 AM
Last updated: 5/21/2026, 11:52:33 AM
Views: 47
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.