CVE-2026-22048 – StorageGRID Server-Side Request Forgery (SSRF) Vulnerability

CVE ID : CVE-2026-22048

Published : Feb. 18, 2026, 12:16 a.m. | 43 minutes ago

Description : StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9.0.12 and 12.0.0.4 with Single Sign-on enabled and configured to use Microsoft Entra ID (formerly Azure AD) as an IdP are susceptible to a Server-Side Request Forgery (SSRF) vulnerability. Successful exploit could allow an authenticated attacker with low privileges to delete configuration data or deny access to some resources.

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…