High severity7.4NVD Advisory· Published May 29, 2026· Updated May 29, 2026
CVE-2026-48555
CVE-2026-48555
Description
Spatie Laravel Media Library before version 11.23.0 contains a server-side request forgery vulnerability that allows remote attackers to cause the server to issue arbitrary outbound HTTP requests by passing user-controlled URLs to the addMediaFromUrl() method in InteractsWithMedia.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <11.23.0
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.