NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-57535

Summary	Content injected to PDF rendering contexts could, in many places, include HTML content including <img> tags. If the src attribute of these images pointed to an URL, the PDF rendering engine would download the image from that place and display it, thereby leaking information about the rendering server and possibly creating an SSRF vector in the local network.
Publication Date	June 26, 2026, 12:16 a.m.
Registration Date	June 27, 2026, 4:29 a.m.
Last Update	June 26, 2026, 1:16 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://pretix.eu/about/en/blog/20260625-release-2026-5-2/	655498c3-6ec5-4f0b-aea6-853b334d05a6

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-80	クロスサイトスクリプティング (Basic XSS)	https://cwe.mitre.org/data/definitions/80.html