CVE-2026-32301: CWE-918: Server-Side Request Forgery (SSRF) in centrifugal centr CVE-2026-32301 is a critical SSRF vulnerability affecting Centrifugo, an open-source real-time messaging server, in versions before 6.7.0. The flaw exists when Centrifugo is configured to fetch JSON Web Key Sets (JWKS) from a dynamic URL th

Centrifugo < 6.7.0 faces CRITICAL SSRF (CVE-2026-32301): unauthenticated attackers can trigger outbound server requests. Upgrade now, restrict JWKS URLs, & monitor logs. radar.offseq.com/threat/cve-2026-32301-cw... #OffSeq #SSRF #Centrifugo