SSRF in Misskey-dev Misskey

CVE-2026-57575

Misskey is an open source, federated social media platform. Prior to 2026.6.0, Misskey contains a Server-Side Request Forgery (SSRF) vulnerability in URL preview functionality in UrlPreviewService. Due to missing network restrictions befor…

Vulnerability class: SSRF (Server-Side Request Forgery)

Affected products

Weakness classification (CWE)

References