CVE-2026-47157

CVE-2026-47157

aiograpi is an asynchronous Instagram API for Python. aiograpi versions before 0.9.10 accepted server-supplied signup challenge paths and used them to build request URLs before validating that the paths were relative Instagram API paths. I…

Vulnerability class: SSRF (Server-Side Request Forgery)

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2026-47157?
CVE-2026-47157 is a medium-severity vulnerability, classified under Server-Side Request Forgery (SSRF). CVSS score: 6.5/10. Published 2026-06-11.
How severe is CVE-2026-47157?
Medium severity. CVSS v3 base score is 6.5 out of 10.