CVE-2026-63086: text-generation-inference through 3.3.7 contains a server-side request forgery (SSRF) vulnerability in the OpenAI-compat
Summary
text-generation-inference (a tool for running AI text models) versions up to 3.3.7 have a server-side request forgery vulnerability (SSRF, where an attacker tricks a server into making requests to places it shouldn't) in its chat feature that lets unauthenticated attackers supply malicious image URLs to make the server fetch data from internal systems, cloud metadata endpoints, or scan ports. The vulnerability exists because the code doesn't validate whether URLs point to private or internal addresses, and the HTTP client automatically follows redirects, letting attackers bypass security checks.
Vulnerability Details
8.6(high)
EPSS: 0.0%
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
network
low
none
none
July 16, 2026
Classification
Taxonomy References
Affected Vendors
Related Issues
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-63086
First tracked: July 17, 2026 at 02:08 AM
Classified by LLM (prompt v3) · confidence: 92%