VYPR

Backstage

by Linux Foundation

Source repositories

CVEs (1)

  • CVE-2026-32236HigMar 12, 2026
    risk 0.42cvss 7.5epss 0.00

    Backstage is an open framework for building developer portals. Prior to 0.27.1, a Server-Side Request Forgery (SSRF) vulnerability exists in @backstage/plugin-auth-backend when auth.experimentalClientIdMetadataDocuments.enabled is set to true. The CIMD metadata fetch validates…