EXECUTIVE SUMMARY:
CVE-2026-41644 (CVSS score 7.5) is a Server-Side Request Forgery (SSRF) vulnerability in the monetr Lunch Flow integration. Any authenticated user on a self-hosted instance can cause the monetr server to issue HTTP GET requests to arbitrary caller-supplied URLs, and the response body of any non-200 upstream response is reflected back in the API error message. The vulnerability exists in the go/github.com/monetr/monetr package and affects versions prior to 1.12.5. An attacker with authenticated access to a self-hosted monetr deployment can exploit it to read arbitrary metadata from the monetr server, including instance metadata if the deployment is running in a cloud environment. Exploitation could have business impact including data exposure, denial of service, and further security compromise. Exploitation requires a self-hosted monetr deployment running the default configuration, which enables public sign-up and the Lunch Flow integration.
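The summary above describes the server fetching whatever URL the caller supplies. The following is an added Go example, not code from monetr or from this advisory, of the destination check such an integration should apply before fetching: it parses the URL, resolves the host through an injected resolver (`FakeResolve` here, with constructed sample answers; `net.LookupIP` in production) and rejects non-http(s) schemes, embedded credentials, and any address that is loopback, private, link-local (which covers the cloud instance metadata address) or unspecified. All function and host names are assumptions for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/url"
)
// FakeResolve is a constructed, offline stand-in for net.LookupIP (sample data, not real DNS).
func FakeResolve(host string) ([]net.IP, error) {
	switch host {
	case "api.example.com": // an ordinary public endpoint
		return []net.IP{net.ParseIP("203.0.113.10")}, nil
	case "rebind.example.com": // a name whose answers include an internal address
		return []net.IP{net.ParseIP("203.0.113.10"), net.ParseIP("10.0.0.5")}, nil
	}
	return nil, errors.New("nxdomain")
}
// isForbiddenIP rejects loopback, RFC 1918/ULA, link-local (which covers the
// 169.254.169.254 cloud metadata address), multicast and unspecified addresses.
func isForbiddenIP(ip net.IP) bool {
	return ip.IsLoopback() || ip.IsPrivate() || ip.IsLinkLocalUnicast() || ip.IsLinkLocalMulticast() || ip.IsMulticast() || ip.IsUnspecified()
}
// ValidateOutboundURL returns the addresses a caller-supplied URL resolves to if it is safe to
// fetch; dial those IPs rather than re-resolving so a DNS rebind cannot redirect the request.
func ValidateOutboundURL(raw string, resolve func(string) ([]net.IP, error)) ([]net.IP, error) {
	u, err := url.Parse(raw)
	if err != nil {
		return nil, fmt.Errorf("invalid url: %w", err)
	}
	if u.Scheme != "http" && u.Scheme != "https" { // no file:, gopher:, ...
		return nil, fmt.Errorf("scheme %q not allowed", u.Scheme)
	}
	if u.User != nil { // never let a user embed credentials for the server to send
		return nil, errors.New("credentials in url are not allowed")
	}
	host := u.Hostname()
	var ips []net.IP
	if ip := net.ParseIP(host); ip != nil { // IP literal, incl. [::1] and ::ffff:127.0.0.1
		ips = []net.IP{ip}
	} else if ips, err = resolve(host); err != nil || len(ips) == 0 {
		return nil, fmt.Errorf("cannot resolve %q", host)
	}
	for _, ip := range ips { // every answer must be public, not just the first
		if isForbiddenIP(ip) {
			return nil, fmt.Errorf("%q resolves to non-public address %s", host, ip)
		}
	}
	return ips, nil
}
```

The other half of the fix is not shown here: the upstream response body should be logged server-side and never copied into the API error returned to the caller.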
RECOMMENDATION:
Upgrade monetr to version 1.12.5 or later, the first version not affected by this vulnerability. Because exploitation requires only an authenticated account and the default configuration enables public sign-up, self-hosted deployments that cannot upgrade immediately should disable public sign-up or the Lunch Flow integration until the upgrade is applied.
REFERENCES:
The following reports contain further technical details:
https://github.com/advisories/GHSA-29v9-frvh-c426