{"data":{"id":"0027a378-133a-464e-be15-149b420077d1","title":"CVE-2026-63086: text-generation-inference through 3.3.7 contains a server-side request forgery (SSRF) vulnerability in the OpenAI-compat","summary":"text-generation-inference (a tool for running AI text models) versions up to 3.3.7 have a server-side request forgery vulnerability (SSRF, where an attacker tricks a server into making requests to places it shouldn't) in its chat feature that lets unauthenticated attackers supply malicious image URLs to make the server fetch data from internal systems, cloud metadata endpoints, or scan ports. The vulnerability exists because the code doesn't validate whether URLs point to private or internal addresses, and the HTTP client automatically follows redirects, letting attackers bypass security checks.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-63086","publishedAt":"2026-07-16T17:16:58.553Z","cveId":"CVE-2026-63086","cweIds":["CWE-918"],"cvssScore":"8.6","cvssSeverity":"high","severity":"high","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["HuggingFace"],"affectedVendorsRaw":["Hugging Face","text-generation-inference"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N","attackVector":"network","attackComplexity":"low","privilegesRequired":"none","userInteraction":"none","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-07-16T17:16:58.553Z","capecIds":["CAPEC-664"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"inference","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":["AML.T0010"]}}