Security Advisory

CVE-2026-39087

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-23 00:00:00
Last updated 2026-07-05 16:16:27
Assigner mitre
State PUBLISHED

Description

ntfy before 2.22.0 allows SSRF because of an unanchored regular expression for web push endpoint URLs.