High severity7.7NVD Advisory· Published Mar 30, 2026· Updated Apr 2, 2026
CVE-2026-29925
CVE-2026-29925
Description
Invoice Ninja v5.12.46 and v5.12.48 is vulnerable to Server-Side Request Forgery (SSRF) in CheckDatabaseRequest.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:invoiceninja:invoice_ninja:5.12.46:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:invoiceninja:invoice_ninja:5.12.46:*:*:*:*:*:*:*
- cpe:2.3:a:invoiceninja:invoice_ninja:5.12.48:*:*:*:*:*:*:*
- (no CPE)range: v5.12.46, v5.12.48
Patches
Vulnerability mechanics
References
2- gist.github.com/TrekLaps/5b2c72106d950dab0cd1897eb93200f1nvdExploitThird Party Advisory
- github.com/invoiceninja/invoiceninja/blob/v5-stable/app/Http/Requests/Setup/CheckDatabaseRequest.phpnvdProduct
News mentions
0No linked articles in our index yet.