CVE-2026-25991 PoC — Tandoor Recipes 代码问题漏洞

Source

https://github.com/drkim-dev/CVE-2026-25991

Associated Vulnerability

Title:Tandoor Recipes 代码问题漏洞 (CVE-2026-25991)
Description:Tandoor Recipes是Tandoor Recipes开源的一个用于管理食谱、计划膳食、建立购物清单等等的应用程序。 Tandoor Recipes 2.5.1之前版本存在代码问题漏洞，该漏洞源于Cookmate食谱导入功能未验证HTTP重定向后的目标URL，可能导致经过身份验证的用户发起盲服务端请求伪造攻击，从而扫描内部网络端口或访问云实例元数据。

Description

CVE-2026-25991 | Tandoor Recipes SSRF

File Snapshot


 None

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!