Server-Side Request Forgery (SSRF) in phpseclib - CVE-2026-55599

Published: June 18, 2026


Vulnerability identifier: #VU134880
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-55599
CWE-ID: CWE-918
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: phpseclib
Affected software:
phpseclib

Detailed vulnerability description

The vulnerability allows a remote attacker to send attacker-controlled outbound requests to internal services.

The vulnerability exists due to server-side request forgery (SSRF) in X509::validateSignature() when validating an untrusted X.509 certificate. A remote attacker can supply a crafted certificate containing an Authority Information Access URL to send attacker-controlled outbound requests to internal services.

The issue is triggered only when the certificate issuer is not already trusted. The fetched response is consumed internally rather than returned to the attacker, so this is a blind SSRF.
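Added example (not phpseclib's code): the pre-fetch check a hardened validator would apply to an AIA URL taken from an untrusted certificate before making any outbound request. Hostnames, the resolver map and the stand-in public address are constructed so the sample runs offline; in production the resolver must be the one whose answer the HTTP client actually connects to.

```python
"""Pre-fetch check for an AIA URL found in an untrusted X.509 certificate.
Added example, not phpseclib code; the resolver is injected so it runs offline."""
from ipaddress import IPv6Address, ip_address
from typing import Callable, Iterable, Optional
from urllib.parse import urlsplit

Resolver = Callable[[str], Iterable[str]]
ALLOWED_SCHEMES = {"http", "https"}  # AIA may also carry ldap://; not fetched here
ALLOWED_PORTS = {80, 443}

def is_public_address(text: str) -> bool:
    addr = ip_address(text)  # raises ValueError on a malformed address
    # Unwrap ::ffff:a.b.c.d so the IPv4 rules apply to the embedded address.
    if isinstance(addr, IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return not (addr.is_private or addr.is_loopback or addr.is_link_local
                or addr.is_multicast or addr.is_reserved or addr.is_unspecified)

def aia_url_rejection(url: str, resolve: Resolver) -> Optional[str]:
    """Return None if the URL may be fetched, otherwise the reason to refuse it."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        return f"scheme {scheme!r} not allowed"
    host = parts.hostname  # lower-cased, IPv6 brackets removed, userinfo stripped
    if not host:
        return "no host"
    try:
        port = parts.port or (443 if scheme == "https" else 80)
    except ValueError:
        return "invalid port"
    if port not in ALLOWED_PORTS:
        return f"port {port} not allowed"
    try:
        addrs = [str(ip_address(host))]  # literal address: no lookup needed
    except ValueError:
        addrs = list(resolve(host))      # name: every answer must pass
    if not addrs:
        return f"{host} does not resolve"
    for a in addrs:
        if not is_public_address(a):
            return f"{host} resolves to non-public address {a}"
    # Caller must connect to the checked address, not re-resolve (DNS rebinding).
    return None

# Constructed resolver map; 8.8.8.8 stands in for any public address.
SAMPLE_DNS = {"ca.example.test": ["8.8.8.8"], "intranet.example.test": ["10.0.0.5"],
              "dual.example.test": ["8.8.8.8", "::ffff:10.0.0.5"]}

def sample_resolve(host: str) -> Iterable[str]:
    return SAMPLE_DNS.get(host, [])
```

A name that resolves to a mix of public and internal addresses is refused outright, since the client could pick either answer.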


How to mitigate CVE-2026-55599

Install the security update from the vendor's website.

Sources