HarborGuardharborguardDatabase
Back to search
HIGHCVE-2026-47260Published Modified CNA GitHub_M

CVE-2026-47260: Koel Vulnerable to SSRF via Podcast Episode Enclosure URLs

Koel is a free, open-source music streaming solution. Prior to version 9.3.5, Koel validates the podcast feed URL via the SafeUrl rule (DNS resolution + public IP check), but the individual episode <enclosure url="..."> values extracted from the RSS XML are stored directly into the database without any SSRF validation. When a user plays an episode, the server downloads the full HTTP response from the unvalidated enclosure URL via Http::sink()->get() and streams it back to the user, enabling full-read SSRF against internal services. This issue has been patched in version 9.3.5.

Metrics

CVSS v3.1
7.7
Severity
HIGH
Fixed in
Affected Products
1

Get notified

Email me when this CVE is updated: new fix versions, severity changes, or any record change.

HarborGuard Analysis

Synopsis

This is a server-side request forgery (SSRF) vulnerability in Koel, a self-hosted music streaming application. The flaw is reachable over the network by any authenticated user with a low-privilege account, because Koel validates the top-level podcast feed URL but skips validation on individual episode enclosure URLs extracted from RSS XML, storing them directly in the database. When a user triggers playback of a crafted episode, the Koel server fetches the full HTTP response from the attacker-controlled enclosure URL and streams it back, giving the attacker the ability to read responses from internal services that are not exposed to the public network. A fix was introduced in version 9.3.5; patched-image rebuilds at that version are available on HarborGuard for affected environments.

HarborGuard Coverage

Detection

Detection of CVE-2026-47260 is available across every HarborGuard environment, with the CVE matched against customer images within minutes of ingestion from upstream advisory feeds, including custom-built Koel images. Coverage extends to images in both CI/CD pipelines and container registries, ensuring affected versions are flagged before or after deployment.

Available
Triage

HarborGuard is capable of scoring this CVE at 7.7 HIGH using the published CVSS v3.1 vector and weighting it further against each customer environment's compliance policy. Triage alerts are routable to the appropriate team inbox within each organization based on image ownership and policy configuration.

Available
Patch

A patched-image rebuild at Koel version 9.3.5 is available on HarborGuard for any environment running an affected version. For customers who opt into auto-remediation, HarborGuard can perform the rebuild, run regression tests, and open a pull request against affected workloads automatically.

Pending upstream

Exploit Conditions

  • Network reachabilityRequired

    The attacker must reach the Koel service over the network; the CVSS vector specifies AV:N, meaning no local or physical access to the host is needed.

  • AuthenticationRequired

    The attacker must hold a valid Koel account, though any low-privilege user account is sufficient; the CVSS vector specifies PR:L.

  • Victim interactionNot required

    No other user needs to take any action; the attacker triggers the SSRF directly by initiating episode playback themselves.

  • Attack complexityDetail

    The exploit is reliable and condition-free; the CVSS vector specifies AC:L, meaning no race conditions or special environmental factors are needed.

Blast Radius

  • The attacker reads full HTTP responses from internal services reachable by the Koel server, such as metadata APIs, cloud instance metadata endpoints, or internal dashboards.
  • Internal service responses are streamed back to the attacker through the legitimate episode playback channel, bypassing network perimeter controls that would otherwise block direct access.
  • Confidentiality impact is rated High in the CVSS vector; there is no integrity or availability impact, so data modification and service disruption are not in scope for this vulnerability.

How HarborGuard Handles This

Available on HarborGuard: detection is active for any image containing Koel versions prior to 9.3.5, matched against the published fix boundary. A patched-image rebuild at version 9.3.5 is available for affected environments. For customers who opt into auto-remediation, HarborGuard rebuilds the image, executes regression tests, and opens a pull request against affected workloads; median time from CVE publication to merged patch PR for high-severity issues is around 90 minutes in environments with auto-remediation enabled. Because no compensating upstream patch existed prior to 9.3.5, customers who cannot immediately upgrade should consider applying network policy controls that restrict outbound HTTP requests originating from the Koel server process to approved external hosts only, limiting the internal address space reachable via the SSRF vector. HarborGuard monitors the advisory each ingest cycle and will surface any additional guidance or secondary fix versions as they are published.

See how HarborGuard automates this
Affected packages
  • koel / koel
    < 9.3.5
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
References