CVE-2026-39087

Summary

ntfy before 2.22.0 allows SSRF because of an unanchored regular expression for web push endpoint URLs.

Affected Software

VendorProductVersion RangeStatus
ntfyntfy0 < 2.22.0affected

Weaknesses

  • CWE-777: CWE-777 Regular Expression without Anchors

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References