CVE-2026-44439 Overview
CVE-2026-44439 is a Server-Side Request Forgery (SSRF) vulnerability [CWE-918] in PlaywrightCapture, a Playwright-based replacement for Splash used to capture rendered web pages. Versions prior to 1.39.6 do not sufficiently restrict navigations and resource requests initiated by rendered pages. An attacker-controlled page can abuse browser-side redirection mechanisms such as window.location.href to force the capture process to open file:// URLs or request resources on private, loopback, or link-local addresses. The vulnerability is fixed in version 1.39.6.
Critical Impact
Remote attackers can coerce PlaywrightCapture to reach internal services or read local files, with responses potentially exfiltrated through screenshots, saved page content, or logs.
Affected Products
- PlaywrightCapture versions prior to 1.39.6
- Lookyloo deployments and downstream tools relying on PlaywrightCapture for URL capture
- Any service processing untrusted URLs through PlaywrightCapture
Discovery Timeline
- 2026-05-13 - CVE-2026-44439 published to NVD
- 2026-05-13 - Last updated in NVD database
Technical Details for CVE-2026-44439
Vulnerability Analysis
PlaywrightCapture drives a headless browser to render arbitrary URLs and produce capture artifacts such as screenshots, HTML, and HAR logs. Prior to version 1.39.6, the library did not enforce sufficient restrictions on subsequent navigations and resource loads triggered by the rendered page. Once an attacker-controlled page loads, it can instruct the browser to navigate to internal or local resources that the capture host can reach but external callers cannot.
The issue is classified as Server-Side Request Forgery [CWE-918]. Capture environments commonly run inside trusted network segments where loopback, link-local (169.254.0.0/16), and private RFC1918 ranges expose unauthenticated metadata services, admin panels, or internal APIs. Because the request is issued by the browser process under the capture service's identity, network-level controls intended to protect those endpoints are bypassed.
Root Cause
The root cause is missing validation on URLs that result from in-page navigation triggers. Mechanisms such as window.location.href, meta refresh, and similar redirect primitives were honored without checking whether the destination scheme was file:// or whether the resolved host fell into non-public address space.
Attack Vector
An attacker submits a URL to a service that uses PlaywrightCapture, or hosts a page known to be captured. The page then redirects to file:///etc/passwd, http://127.0.0.1:8080/, http://169.254.169.254/latest/meta-data/, or other internal endpoints. The capture process follows the redirect, fetches the resource, and embeds the response into screenshots, saved DOM content, or request logs. The attacker recovers the data by retrieving the resulting capture artifacts. Refer to the GitHub Security Advisory GHSA-687h-xw6f-q2qw for full technical context.
Detection Methods for CVE-2026-44439
Indicators of Compromise
- Capture artifacts containing content from file:// URLs or local filesystem paths such as /etc/passwd or Windows configuration files.
- Outbound requests from the capture host to loopback (127.0.0.0/8), private (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16), or link-local (169.254.0.0/16) ranges initiated by the Playwright browser process.
- Submitted capture URLs that resolve through redirect chains terminating at internal hostnames or non-public IPs.
Detection Strategies
- Inspect PlaywrightCapture logs and HAR outputs for navigations to non-public IP ranges or file:// schemes.
- Review screenshot and saved-page artifacts for content that does not match the originally requested URL.
- Correlate egress proxy logs with capture job identifiers to flag redirects into internal address space.
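The HAR inspection described above, as an added example (not code from PlaywrightCapture or the advisory): it flags entries whose URL uses the file scheme, or whose URL host or connected address falls in the ranges listed under Indicators of Compromise. The sample HAR, the IPv6 ranges and the function names are constructed for illustration, and the script assumes the HAR carries the optional HAR 1.2 `serverIPAddress` field.

```python
import ipaddress
import json
from urllib.parse import urlsplit

# Ranges named in the advisory, plus IPv6 equivalents (the IPv6 entries are added here).
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]

# Constructed sample HAR (log.entries[].request.url / serverIPAddress).
SAMPLE_HAR = json.dumps({"log": {"entries": [
    {"request": {"url": "https://attacker.example/landing"}, "serverIPAddress": "203.0.113.10"},
    {"request": {"url": "http://169.254.169.254/latest/meta-data/"}, "serverIPAddress": "169.254.169.254"},
    {"request": {"url": "http://intranet.example/admin"}, "serverIPAddress": "10.1.2.3"},
    {"request": {"url": "file:///etc/passwd"}},
    {"request": {"url": "http://[::1]:8080/"}, "serverIPAddress": "[::1]"},
    {"request": {"url": "https://cdn.example/app.js"}, "serverIPAddress": "198.51.100.7"},
]}})

def classify_ip(text):
    """Return the non-public network containing an IP literal, else None."""
    try:
        ip = ipaddress.ip_address((text or "").strip("[]"))
    except ValueError:
        return None  # a hostname, not an IP literal
    mapped = getattr(ip, "ipv4_mapped", None)
    if mapped is not None:  # ::ffff:a.b.c.d is judged as the embedded IPv4 address
        ip = mapped
    for net in NON_PUBLIC:
        if ip.version == net.version and ip in net:
            return str(net)
    return None

def scan_har(har_text):
    """Return (url, reason) for entries that hit file:// or non-public space."""
    findings = []
    for entry in json.loads(har_text)["log"]["entries"]:
        url = entry["request"]["url"]
        parts = urlsplit(url)
        if parts.scheme.lower() == "file":
            findings.append((url, "file scheme"))
            continue
        # Check the URL host and the address the browser actually connected to,
        # so a public-looking hostname that resolves internally is still caught.
        for candidate in (parts.hostname, entry.get("serverIPAddress")):
            net = classify_ip(candidate)
            if net:
                findings.append((url, f"non-public {net}"))
                break
    return findings

if __name__ == "__main__":
    for url, reason in scan_har(SAMPLE_HAR):
        print(f"{reason:28} {url}")
```
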
Monitoring Recommendations
- Alert on cloud metadata endpoint access (for example 169.254.169.254) originating from capture worker hosts.
- Track PlaywrightCapture version inventory and flag any deployments running below 1.39.6.
- Monitor DNS resolutions performed by capture workers that return private or loopback addresses.
How to Mitigate CVE-2026-44439
Immediate Actions Required
- Upgrade PlaywrightCapture to version 1.39.6 or later in all capture workers and dependent services.
- Audit recent capture artifacts for unexpected internal content and rotate any credentials or tokens that may have been exposed.
- Restrict the capture host's egress network policy to deny loopback, link-local, and RFC1918 destinations.
Patch Information
The fix is delivered in PlaywrightCapture 1.39.6. The remediation tightens the navigation and resource-request handling so that browser-side redirects to file:// URLs and non-public IP addresses are blocked. Review the upstream commit 49e289eb for the exact code changes.
Workarounds
- Run capture workers in a network namespace that cannot route to internal services or cloud metadata endpoints.
- Force capture traffic through an egress proxy that rejects private, loopback, and link-local destinations.
- Disable or block the file:// scheme at the browser launch configuration where supported by the deployment.
```bash
# Configuration example
pip install --upgrade "PlaywrightCapture>=1.39.6"
```