Medium severityNVD Advisory· Published Jan 14, 2026· Updated Apr 15, 2026
CVE-2026-0600
CVE-2026-0600
Description
Server-Side Request Forgery (SSRF) vulnerability in Sonatype Nexus Repository 3 versions 3.0.0 and later allows authenticated administrators to configure proxy repositories with URLs that can access unintended network destinations, potentially including cloud metadata services and internal network resources. A workaround configuration is available starting in version 3.88.0, but the product remains vulnerable by default.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: >=3.0.0, <3.88.0 (or <3.88.0 default vulnerable)
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.