{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-30232", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-04T17:23:59.798Z", "datePublished": "2026-04-10T19:15:11.439Z", "dateUpdated": "2026-04-15T15:07:30.227Z"}, "containers": {"cna": {"title": "Chartbrew has SSRF in API Data Connection - No IP Validation on User-Provided URLs", "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "lang": "en", "description": "CWE-918: Server-Side Request Forgery (SSRF)", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/chartbrew/chartbrew/security/advisories/GHSA-p4rg-967r-w4cv", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/chartbrew/chartbrew/security/advisories/GHSA-p4rg-967r-w4cv"}, {"name": "https://github.com/chartbrew/chartbrew/commit/9c4a7e2b02acb25f0782bd4ac1f16407d59c2df1", "tags": ["x_refsource_MISC"], "url": "https://github.com/chartbrew/chartbrew/commit/9c4a7e2b02acb25f0782bd4ac1f16407d59c2df1"}], "affected": [{"vendor": "chartbrew", "product": "chartbrew", "versions": [{"version": "< 4.8.5", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-10T19:15:11.439Z"}, "descriptions": [{"lang": "en", "value": "Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to 4.8.5, Chartbrew allows authenticated users to create API data connections with arbitrary URLs. The server fetches these URLs using request-promise without any IP address validation, enabling Server-Side Request Forgery attacks against internal networks and cloud metadata endpoints. This vulnerability is fixed in 4.8.5."}], "source": {"advisory": "GHSA-p4rg-967r-w4cv", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-15T15:07:05.673255Z", "id": "CVE-2026-30232", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T15:07:30.227Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-30232", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-15T15:07:05.673255Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T15:07:20.724Z"}}], "cna": {"title": "Chartbrew has SSRF in API Data Connection - No IP Validation on User-Provided URLs", "source": {"advisory": "GHSA-p4rg-967r-w4cv", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 7.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "NONE"}}], "affected": [{"vendor": "chartbrew", "product": "chartbrew", "versions": [{"status": "affected", "version": "< 4.8.5"}]}], "references": [{"url": "https://github.com/chartbrew/chartbrew/security/advisories/GHSA-p4rg-967r-w4cv", "name": "https://github.com/chartbrew/chartbrew/security/advisories/GHSA-p4rg-967r-w4cv", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/chartbrew/chartbrew/commit/9c4a7e2b02acb25f0782bd4ac1f16407d59c2df1", "name": "https://github.com/chartbrew/chartbrew/commit/9c4a7e2b02acb25f0782bd4ac1f16407d59c2df1", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to 4.8.5, Chartbrew allows authenticated users to create API data connections with arbitrary URLs. The server fetches these URLs using request-promise without any IP address validation, enabling Server-Side Request Forgery attacks against internal networks and cloud metadata endpoints. This vulnerability is fixed in 4.8.5."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918: Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-10T19:15:11.439Z"}}}, "cveMetadata": {"cveId": "CVE-2026-30232", "state": "PUBLISHED", "dateUpdated": "2026-04-15T15:07:30.227Z", "dateReserved": "2026-03-04T17:23:59.798Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-10T19:15:11.439Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:depomo:chartbrew:*:*:*:*:*:*:*:*", "matchCriteriaId": "08F05A49-8201-4A07-8BE2-76EC535D7874", "versionEndExcluding": "4.8.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to 4.8.5, Chartbrew allows authenticated users to create API data connections with arbitrary URLs. The server fetches these URLs using request-promise without any IP address validation, enabling Server-Side Request Forgery attacks against internal networks and cloud metadata endpoints. This vulnerability is fixed in 4.8.5."}], "id": "CVE-2026-30232", "lastModified": "2026-04-14T17:26:55.467", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 5.8, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-10T20:16:21.323", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/chartbrew/chartbrew/commit/9c4a7e2b02acb25f0782bd4ac1f16407d59c2df1"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/chartbrew/chartbrew/security/advisories/GHSA-p4rg-967r-w4cv"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,4.8.5)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "chartbrew", "source": "cna", "vendor": "chartbrew"}, "product": "chartbrew", "vendor": "chartbrew"}], "analysis": {"en": {"generated_at": "2026-04-14T19:35:33.639797+00:00", "value": {"mitigation_remediation": ["Upgrade Chartbrew to version 4.8.5 or later."], "summary": {"action": "Patch Immediately", "impact": "Server-Side Request Forgery"}, "threat_synthesis": {"affected_systems": "The vulnerability exists in Chartbrew versions prior to 4.8.5. Any deployment of the open\u2011source Chartbrew product before that release is potentially impacted.", "description_and_impact": "Chartbrew allows authenticated users to create API data connections by entering arbitrary URLs. Because the server fetches those URLs without validating the IP address, users can direct the application to internal or cloud metadata services. This server\u2010side request forgery can expose sensitive data, such as internal network hosts or cloud credentials, and can be leveraged for further attacks. The vulnerability is classified as CWE\u2011918.", "risk_and_exploitability": "The CVSS score of 7.8 indicates high severity. The EPSS score is below 1%, suggesting low exploitation probability in the wild. The vulnerability is not listed in CISA's KEV catalog. Attackers need valid authentication to the Chartbrew instance and must have network connectivity to the targeted internal or cloud endpoint. Once the SSRF is triggered, the attacker can read responses from those endpoints, gaining confidentiality and potentially availability impact if repeated requests overload internal services."}}}}, "created": "2026-04-13T12:42:49.298293+00:00", "updated": "2026-04-15T16:00:07.791364+00:00", "vendors": ["chartbrew", "chartbrew$PRODUCT$chartbrew"]}