CVSS 7.5 HIGH Vulnerability

CVE-2026-44232: dssrf: every IPv6 category bypasses is_url_safe


CVSS Score: 7.5
Severity: HIGH
CISA KEV: NO
Impact Type: Vulnerability

📋 Vulnerability Details

CVE ID: CVE-2026-44232
Vendor: npm
Affected Product: dssrf
Vulnerability Type: Vulnerability
CVSS Score: 7.5 (HIGH)
Actively Exploited: ❌ No known exploitation
Patch Status: See Vendor Advisory
Reported By: CYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories)

🔬 Technical Analysis

A vulnerability in dssrf allows an attacker to bypass its SSRF protections by supplying one of the following IPv6 addresses, resulting in a successful SSRF. This contradicts dssrf documentation, which incorrectly claims that IPv6 is disabled entirely. See below:

```text
Input                               Category
http://[::1]/                       IPv6 loopback
http://[fc00::1]/                   IPv6 ULA
http://[fe80::1]/                   IPv6 link-local
http://[::ffff:127.0.0.1]/          IPv4-mapped loopback
http://[::ffff:169.254.169.254]/    IPv4-mapped IMDS
http://[::ffff:100.64.0.1]/         IPv4-mapped CGNAT
http://[64:ff9b::7f00:1]/           NAT64 well-known prefix
http://[64:ff9b:1::1]/              NAT64 local-use (RFC 8215)
http://[5f00::1]/                   SRv6 SID (RFC 9602)
http://[3fff::1]/                   IPv6 documentation (RFC 9637)
http://[fec0::1]/                   IPv6 site-local (deprecated, RFC 3879)
http://[::127.0.0.1]/               IPv4-compatible
```
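An added example, not dssrf's own code and not taken from the advisory: a deny-list check over the IPv6 categories listed above, applied to the hostname after the WHATWG `URL` parser has normalized it to hex hextets. The name `classifyIpv6Host`, the prefix table and the sample URL in the comments are assumptions of this example; it refuses every IPv4-embedding form outright and does not cover hostnames that resolve into these ranges through DNS.

```javascript
// Added example. Deny-listed prefixes as [label, prefix, prefix length in bits].
// Order matters: the more specific ::1/128 is tested before ::/96.
const BLOCKED_V6 = [
  ['IPv6 loopback', '::1', 128],
  ['IPv4-compatible', '::', 96],
  ['IPv4-mapped', '::ffff:0:0', 96],
  ['NAT64 well-known prefix', '64:ff9b::', 96],
  ['NAT64 local-use (RFC 8215)', '64:ff9b:1::', 48],
  ['SRv6 SID (RFC 9602)', '5f00::', 16],
  ['IPv6 documentation (RFC 9637)', '3fff::', 20],
  ['IPv6 ULA', 'fc00::', 7],
  ['IPv6 link-local', 'fe80::', 10],
  ['IPv6 site-local (deprecated, RFC 3879)', 'fec0::', 10],
];

// Expand a normalized IPv6 literal (hex hextets, optional "::") to a 128-bit BigInt.
function ipv6ToBigInt(text) {
  const [head, tail] = text.split('::');
  const h = head ? head.split(':') : [];
  const t = tail ? tail.split(':') : [];
  const groups = tail === undefined
    ? h
    : [...h, ...Array(8 - h.length - t.length).fill('0'), ...t];
  return groups.reduce((acc, g) => (acc << 16n) | BigInt(parseInt(g, 16)), 0n);
}

// Returns the blocked category for a bracketed IPv6 host, or null if none matches
// (null also for non-IPv6 hosts, which this example does not judge).
function classifyIpv6Host(url) {
  // URL rewrites dotted tails, e.g. [::ffff:127.0.0.1] becomes [::ffff:7f00:1],
  // so the comparison below never depends on how the literal was spelled.
  const host = new URL(url).hostname;
  if (!host.startsWith('[')) return null;
  const addr = ipv6ToBigInt(host.slice(1, -1));
  for (const [label, prefix, bits] of BLOCKED_V6) {
    const shift = BigInt(128 - bits);
    if ((addr >> shift) === (ipv6ToBigInt(prefix) >> shift)) return label;
  }
  return null;
}
```

A caller would reject the request whenever the function returns a label, and apply its IPv4 and DNS-resolution checks separately.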

