The SentinelOne Annual Threat Report - A Defenders Guide from the FrontlinesThe SentinelOne Annual Threat ReportGet the Report
Experiencing a Breach?Blog
Get StartedContact Us
SentinelOne
  • Platform
    Platform Overview
    • Singularity Platform
      Welcome to Integrated Enterprise Security
    • AI for Security
      Leading the Way in AI-Powered Security Solutions
    • Securing AI
      Accelerate AI Adoption with Secure AI Tools, Apps, and Agents.
    • How It Works
      The Singularity XDR Difference
    • Singularity Marketplace
      One-Click Integrations to Unlock the Power of XDR
    • Pricing & Packaging
      Comparisons and Guidance at a Glance
    Data & AI
    • Purple AI
      Accelerate SecOps with Generative AI
    • Singularity Hyperautomation
      Easily Automate Security Processes
    • AI-SIEM
      The AI SIEM for the Autonomous SOC
    • AI Data Pipelines
      Security Data Pipeline for AI SIEM and Data Optimization
    • Singularity Data Lake
      AI-Powered, Unified Data Lake
    • Singularity Data Lake for Log Analytics
      Seamlessly Ingest Data from On-Prem, Cloud or Hybrid Environments
    Endpoint Security
    • Singularity Endpoint
      Autonomous Prevention, Detection, and Response
    • Singularity XDR
      Native & Open Protection, Detection, and Response
    • Singularity RemoteOps Forensics
      Orchestrate Forensics at Scale
    • Singularity Threat Intelligence
      Comprehensive Adversary Intelligence
    • Singularity Vulnerability Management
      Application & OS Vulnerability Management
    • Singularity Identity
      Identity Threat Detection and Response
    Cloud Security
    • Singularity Cloud Security
      Block Attacks with an AI-Powered CNAPP
    • Singularity Cloud Native Security
      Secure Cloud and Development Resources
    • Singularity Cloud Workload Security
      Real-Time Cloud Workload Protection Platform
    • Singularity Cloud Data Security
      AI-Powered Threat Detection for Cloud Storage
    • Singularity Cloud Security Posture Management
      Detect and Remediate Cloud Misconfigurations
    Securing AI
    • Prompt Security
      Secure AI Tools Across Your Enterprise
  • Why SentinelOne?
    Why SentinelOne?
    • Why SentinelOne?
      Cybersecurity Built for What’s Next
    • Our Customers
      Trusted by the World’s Leading Enterprises
    • Industry Recognition
      Tested and Proven by the Experts
    • About Us
      The Industry Leader in Autonomous Cybersecurity
    Compare SentinelOne
    • Arctic Wolf
    • Broadcom
    • CrowdStrike
    • Cybereason
    • Microsoft
    • Palo Alto Networks
    • Sophos
    • Splunk
    • Trellix
    • Trend Micro
    • Wiz
    Verticals
    • Energy
    • Federal Government
    • Finance
    • Healthcare
    • Higher Education
    • K-12 Education
    • Manufacturing
    • Retail
    • State and Local Government
  • Services
    Managed Services
    • Managed Services Overview
      Wayfinder Threat Detection & Response
    • Threat Hunting
      World-Class Expertise and Threat Intelligence
    • Managed Detection & Response
      24/7/365 Expert MDR Across Your Entire Environment
    • Incident Readiness & Response
      DFIR, Breach Readiness, & Compromise Assessments
    Support, Deployment, & Health
    • Technical Account Management
      Customer Success with Personalized Service
    • SentinelOne GO
      Guided Onboarding & Deployment Advisory
    • SentinelOne University
      Live and On-Demand Training
    • Services Overview
      Comprehensive Solutions for Seamless Security Operations
    • SentinelOne Community
      Community Login
  • Partners
    Our Network
    • MSSP Partners
      Succeed Faster with SentinelOne
    • Singularity Marketplace
      Extend the Power of S1 Technology
    • Cyber Risk Partners
      Enlist Pro Response and Advisory Teams
    • Technology Alliances
      Integrated, Enterprise-Scale Solutions
    • SentinelOne for AWS
      Hosted in AWS Regions Around the World
    • Channel Partners
      Deliver the Right Solutions, Together
    • SentinelOne for Google Cloud
      Unified, Autonomous Security Giving Defenders the Advantage at Global Scale
    • Partner Locator
      Your Go-to Source for Our Top Partners in Your Region
    Partner Portal→
  • Resources
    Resource Center
    • Case Studies
    • Data Sheets
    • eBooks
    • Reports
    • Videos
    • Webinars
    • Whitepapers
    • Events
    View All Resources→
    Blog
    • Feature Spotlight
    • For CISO/CIO
    • From the Front Lines
    • Identity
    • Cloud
    • macOS
    • SentinelOne Blog
    Blog→
    Tech Resources
    • SentinelLABS
    • Ransomware Anthology
    • Cybersecurity 101
  • About
    About SentinelOne
    • About SentinelOne
      The Industry Leader in Cybersecurity
    • Investor Relations
      Financial Information & Events
    • SentinelLABS
      Threat Research for the Modern Threat Hunter
    • Careers
      The Latest Job Opportunities
    • Press & News
      Company Announcements
    • Cybersecurity Blog
      The Latest Cybersecurity Threats, News, & More
    • FAQ
      Get Answers to Our Most Frequently Asked Questions
    • DataSet
      The Live Data Platform
    • S Foundation
      Securing a Safer Future for All
    • S Ventures
      Investing in the Next Generation of Security, Data and AI
  • Pricing
Get StartedContact Us
CVE Vulnerability Database
Vulnerability Database/CVE-2026-33752

CVE-2026-33752: Lexiforest Curl Cffi SSRF Vulnerability

CVE-2026-33752 is an SSRF flaw in Lexiforest Curl Cffi that allows attackers to redirect requests to internal services like cloud metadata endpoints. This article covers technical details, affected versions, and mitigations.

Published: April 10, 2026

CVE-2026-33752 Overview

CVE-2026-33752 is a Server-Side Request Forgery (SSRF) vulnerability in curl_cffi, a Python binding for curl. Prior to version 0.15.0, curl_cffi does not restrict requests to internal IP ranges and automatically follows redirects via the underlying libcurl. This allows an attacker-controlled URL to redirect requests to internal services such as cloud metadata endpoints. Additionally, curl_cffi's TLS impersonation feature can make these malicious requests appear as legitimate browser traffic, potentially bypassing certain network controls.

Critical Impact

Attackers can leverage this SSRF vulnerability to access sensitive internal services, including cloud metadata endpoints (e.g., AWS IMDSv1, GCP metadata), potentially exposing cloud credentials, configuration data, and other sensitive information from protected internal networks.

Affected Products

  • lexiforest curl_cffi versions prior to 0.15.0
  • lexiforest curl_cffi 0.15.0-beta1 through 0.15.0-beta4
  • Applications using curl_cffi for HTTP requests with user-controlled URLs

Discovery Timeline

  • 2026-04-06 - CVE-2026-33752 published to NVD
  • 2026-04-09 - Last updated in NVD database

Technical Details for CVE-2026-33752

Vulnerability Analysis

This SSRF vulnerability stems from curl_cffi's permissive default configuration regarding URL handling. The library does not implement restrictions on requests to internal or private IP ranges (such as 127.0.0.1, 169.254.169.254, 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16). Combined with automatic redirect following inherited from libcurl, an attacker can craft a malicious URL that initially points to an external server they control, which then issues an HTTP redirect to an internal service.

The vulnerability is classified under CWE-918 (Server-Side Request Forgery), where the web server receives a URL or similar request from an upstream component and retrieves the contents without sufficiently ensuring the request is being sent to the expected destination. The network-based attack vector requires no authentication and no user interaction, enabling remote exploitation against any application that processes attacker-supplied URLs through curl_cffi.

Root Cause

The root cause of this vulnerability is the absence of URL validation and IP address filtering in curl_cffi prior to version 0.15.0. The library directly passes user-supplied URLs to libcurl without implementing safeguards to prevent access to internal network resources. Furthermore, libcurl's default behavior of following HTTP redirects (up to 30 redirects by default) is inherited without restriction, allowing redirect-based SSRF attacks even when the initial URL appears safe.

A compounding factor is curl_cffi's TLS impersonation capability, which enables requests to mimic legitimate browser traffic patterns. This feature, while useful for legitimate purposes, can help SSRF attacks bypass network security controls that rely on user-agent or TLS fingerprint analysis.

Attack Vector

The attack scenario involves an application that uses curl_cffi to fetch content from user-supplied URLs. An attacker provides a URL pointing to an external server they control. When curl_cffi makes the request, the attacker's server responds with an HTTP 302 redirect to an internal resource, such as http://169.254.169.254/latest/meta-data/iam/security-credentials/. Since curl_cffi automatically follows redirects and does not validate the destination IP address, the request is made to the internal metadata service, and the response is returned to the attacker.

This attack is particularly dangerous in cloud environments where instance metadata services expose sensitive credentials. The vulnerability enables attackers to pivot from an external entry point to access internal infrastructure resources that should never be accessible from outside the network.

Detection Methods for CVE-2026-33752

Indicators of Compromise

  • Outbound HTTP requests from application servers to cloud metadata endpoints (169.254.169.254, fd00:ec2::254)
  • Unusual redirect chains in application logs showing external URLs redirecting to internal IP ranges
  • HTTP requests to private IP ranges originating from web application components
  • Unexpected access patterns to internal services from curl_cffi-based applications

Detection Strategies

  • Monitor network traffic for HTTP requests to RFC 1918 private IP addresses and link-local addresses originating from application servers
  • Implement logging and alerting for curl_cffi requests that follow redirects to different hostnames or IP ranges
  • Review application dependencies for curl_cffi versions earlier than 0.15.0 using software composition analysis tools
  • Deploy network segmentation rules that alert on application servers attempting to contact metadata services directly

Monitoring Recommendations

  • Enable verbose logging in curl_cffi to capture full request chains including redirects
  • Configure cloud provider metadata service protections (e.g., IMDSv2 on AWS) and monitor for IMDSv1 access attempts
  • Implement egress filtering and monitor for blocked connection attempts to internal IP ranges
  • Use runtime application security monitoring to detect SSRF attack patterns in URL handling code

How to Mitigate CVE-2026-33752

Immediate Actions Required

  • Upgrade curl_cffi to version 0.15.0 or later immediately
  • Audit applications using curl_cffi to identify any user-controlled URL inputs
  • Implement application-level URL validation to block requests to internal IP ranges
  • Configure network-level controls to prevent application servers from accessing cloud metadata endpoints directly

Patch Information

The vulnerability is fixed in curl_cffi version 0.15.0. Organizations should update their Python dependencies to use the patched version. The fix implements proper URL validation and restricts requests to internal IP ranges by default. Refer to the GitHub Security Advisory GHSA-qw2m-4pqf-rmpp for complete details on the security update.

Workarounds

  • Implement a URL allowlist at the application level, permitting only known-safe external domains
  • Deploy a forward proxy that validates and filters outbound requests, blocking connections to internal IP ranges
  • Disable automatic redirect following in curl_cffi configurations and manually validate redirect targets
  • Use cloud metadata service hardening (e.g., AWS IMDSv2 with hop limit of 1) to prevent SSRF-based credential theft
bash
# Example: Upgrade curl_cffi to patched version
pip install --upgrade curl_cffi>=0.15.0

# Verify installed version
pip show curl_cffi | grep Version

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

  • Vulnerability Details
  • TypeSSRF
  • Vendor/TechCurl Cffi
  • SeverityHIGH
  • CVSS Score8.6
  • EPSS Probability0.01%
  • Known ExploitedNo
  • CVSS Vector
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
  • Impact Assessment
  • ConfidentialityLow
  • IntegrityNone
  • AvailabilityNone
  • CWE References
  • CWE-918
  • Vendor Resources
  • GitHub Security Advisory
  • Latest CVEs
  • CVE-2026-40322: SiYuan Knowledge Management RCE Vulnerability
  • CVE-2026-40318: SiYuan Path Traversal Vulnerability
  • CVE-2026-40259: SiYuan Auth Bypass Vulnerability
  • CVE-2026-40255: AdonisJS HTTP Server CSRF Vulnerability
Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the World’s Most Advanced Cybersecurity Platform

See how our intelligent, autonomous cybersecurity platform can protect your organization now and into the future.

Try SentinelOne
  • Get Started
  • Get a Demo
  • Product Tour
  • Why SentinelOne
  • Pricing & Packaging
  • FAQ
  • Contact
  • Contact Us
  • Customer Support
  • SentinelOne Status
  • Language
  • Platform
  • Singularity Platform
  • Singularity Endpoint
  • Singularity Cloud
  • Singularity AI-SIEM
  • Singularity Identity
  • Singularity Marketplace
  • Purple AI
  • Services
  • Wayfinder TDR
  • SentinelOne GO
  • Technical Account Management
  • Support Services
  • Verticals
  • Energy
  • Federal Government
  • Finance
  • Healthcare
  • Higher Education
  • K-12 Education
  • Manufacturing
  • Retail
  • State and Local Government
  • Cybersecurity for SMB
  • Resources
  • Blog
  • Labs
  • Case Studies
  • Videos
  • Product Tours
  • Events
  • Cybersecurity 101
  • eBooks
  • Webinars
  • Whitepapers
  • Press
  • News
  • Ransomware Anthology
  • Company
  • About Us
  • Our Customers
  • Careers
  • Partners
  • Legal & Compliance
  • Security & Compliance
  • Investor Relations
  • S Foundation
  • S Ventures

©2026 SentinelOne, All Rights Reserved.

Privacy Notice Terms of Use

English