Description

Homarr is an open-source dashboard. Prior to 1.52.0, a public (unauthenticated) tRPC endpoint widget.app.ping accepts an arbitrary url and performs a server-side request to that URL. This allows an unauthenticated attacker to trigger outbound HTTP requests from the Homarr server, enabling SSRF behavior and a reliable port-scanning primitive (open vs closed ports can be inferred from statusCode vs fetch failed and timing). This vulnerability is fixed in 1.52.0.

INFO

Published Date :

2026-02-06T21:19:40.212Z

Last Modified :

2026-02-09T15:27:03.275Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-25123 vulnerability.

Vendors Products
Homarr
  • Homarr
Homarr-labs
  • Homarr
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-25123.

URL Resource
https://github.com/homarr-labs/homarr/security/advisories/GHSA-c6rh-8wj4-gv74 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact