NVD脆弱性詳細

Exploit、PoC検索

NVD脆弱性検索トップ

->

NVD脆弱性詳細

CVE-2026-43897

概要	Link Preview JS extracts web links information. Prior to 4.0.1, the library did not check for IPv6 loopback attacks. There was also a DNS attack, where an address could be resolved into an internal IP. This could cause internal data leaks. This vulnerability is fixed in 4.0.1.
公表日	2026年5月12日7:22
登録日	2026年5月13日4:11
最終更新日	2026年5月12日7:22

関連情報、対策とツール

No	URL	refsource	タグ
1	https://github.com/OP-Engineering/link-preview-js/commit/4396d48909fab37553c0e93e26447fe218363ede	security-advisories@github.com
2	https://github.com/OP-Engineering/link-preview-js/pull/179	security-advisories@github.com
3	https://github.com/OP-Engineering/link-preview-js/releases/tag/4.0.1	security-advisories@github.com
4	https://github.com/OP-Engineering/link-preview-js/security/advisories/GHSA-4gp8-rjrq-ch6q	security-advisories@github.com

共通脆弱性一覧

No	CWE	名前	URL
1	CWE-918	サーバサイドリクエストフォージェリ	https://cwe.mitre.org/data/definitions/918.html