Vulnerabilities ›

CVE-2026-6981

Medium

CWE-918 — Weakness Type

                    Published: Apr 25, 2026                      ·  Modified: Apr 28, 2026                      ·  Source: NVD                

CVSS v3

6.3

🔗 NVD Official

📄 Description (English)

A vulnerability was found in IhateCreatingUserNames2 AiraHub2 up to 3e4b77fd7d48ed811ffe5b8d222068c17c76495e. Affected is the function connect_stream_endpoint/sync_agents of the file AiraHub.py of the component Endpoint. Performing a manipulation results in server-side request forgery. The attack may be initiated remotely. The exploit has been made public and could be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. Multiple endpoints are affected. The vendor was contacted early about this disclosure but did not respond in any way.

🤖 AI Executive Summary

CVE-2026-6981 is a server-side request forgery (SSRF) vulnerability in AiraHub2's connect_stream_endpoint/sync_agents function that allows remote attackers to manipulate server requests. The vulnerability affects multiple endpoints and has been publicly disclosed with no vendor response or patch available.

📄 Description (Arabic)

ثغرة تزوير طلبات من جانب الخادم (SSRF) في مكون نقطة النهاية بملف AiraHub.py تسمح للمهاجمين بمعالجة الطلبات من خلال الخادم. الثغرة تؤثر على وظائف متعددة وتم الكشف عنها علناً دون استجابة من البائع.

🤖 ملخص تنفيذي (AI)

ثغرة CVE-2026-6981 هي ثغرة تزوير طلبات من جانب الخادم في وظيفة connect_stream_endpoint/sync_agents في AiraHub2 تسمح للمهاجمين البعيدين بمعالجة طلبات الخادم. تؤثر الثغرة على نقاط نهاية متعددة ولم يتم الرد من البائع أو توفير تصحيح.

🤖 AI Intelligence Analysis Analyzed: May 16, 2026 20:47

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: high

🏢 Affected Saudi Sectors

telecom government banking energy

🎯 MITRE ATT&CK Techniques

T1190 T1498 T1570

⚖️ Saudi Risk Score (AI)

7.0

/ 10.0

🔧 Remediation Steps (English)

Immediately discontinue use of AiraHub2 until a security patch is released. Implement network segmentation to restrict outbound connections from affected systems. Deploy Web Application Firewall (WAF) rules to detect and block SSRF attempts. Monitor all outbound requests from the application and implement strict input validation. Consider migrating to alternative solutions with active security support.

🔧 خطوات المعالجة (العربية)

توقف فوراً عن استخدام AiraHub2 حتى يتم إصدار تصحيح أمني. تطبيق تقسيم الشبكة لتقييد الاتصالات الصادرة من الأنظمة المتأثرة. نشر قواعد جدار حماية تطبيقات الويب لكشف ومنع محاولات SSRF. مراقبة جميع الطلبات الصادرة من التطبيق وتطبيق التحقق الصارم من المدخلات. التفكير في الهجرة إلى حلول بديلة مع دعم أمني نشط.

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

5.1 5.2 6.1 7.2

🔵 SAMA CSF

ID.RA-1 PR.AC-3 PR.PT-1 DE.CM-1

🟡 ISO 27001:2022

A.12.6.1 A.13.1.1 A.14.2.1

🔗 References & Sources 4

🔗

https://github.com/wing3e/public_exp/issues/39

cna@vuldb.com

🔗

https://vuldb.com/submit/795506

cna@vuldb.com

🔗

https://vuldb.com/vuln/359524

cna@vuldb.com

🔗

https://vuldb.com/vuln/359524/cti

cna@vuldb.com

📊 CVSS Score

6.3

/ 10.0 — Medium

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredL — Low / Local

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityL — Low / Local

IntegrityL — Low / Local

AvailabilityL — Low / Local

📋 Quick Facts

Severity Medium

CVSS Score6.3

CWECWE-918

EPSS0.01%

Exploit No

Patch ✗ No

Published 2026-04-25

Source Feed nvd

🇸🇦 Saudi Risk Score

7.0

/ 10.0 — Saudi Risk

Priority: HIGH

🏷️ Tags

CWE-918

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

CVE-2026-6981

Introduce Yourself

Sign In Required