—
GO-2026-5687
Nezha Monitoring: RoleMember-reachable SSRF with full response-body reflection via POST /api/v1/notification in github.com/nezhahq/nezha
Details
Nezha Monitoring: RoleMember-reachable SSRF with full response-body reflection via POST /api/v1/notification in github.com/nezhahq/nezha
Are you affected?
Enter the version of the package you're using.
Affected packages
Go / github.com/nezhahq/nezha
Introduced in:
1.4.0 Fixed in: 1.14.15-0.20260517022419-d06d539d34c1 Fix
go get github.com/nezhahq/nezha@v1.14.15-0.20260517022419-d06d539d34c1