phanan/koel Security Advisories for v9.7.0 (3)
-
[MEDIUM] Koel: Server-Side Request Forgery (SSRF) in radio station creation due to missing validation bail
PKSA-69y7-vwnx-px15 CVE-2026-50552 GHSA-jr4p-4xjh-fwvw
Affected version: <=9.7.0
Reported by:
GitHub -
[HIGH] Koel: Incomplete fix for CVE-2026-47260 — systemic SSRF in podcast & radio fetch paths
PKSA-1qtf-pcfh-kb47 CVE-2026-54491 GHSA-6qvr-wjmv-v8mm
Affected version: <=9.7.0
Reported by:
GitHub