Description
Koel is a free, open-source music streaming solution. Prior to version 9.3.5, Koel validates the podcast feed URL via the SafeUrl rule (DNS resolution + public IP check), but the individual episode <enclosure url="..."> values extracted from the RSS XML are stored directly into the database without any SSRF validation. When a user plays an episode, the server downloads the full HTTP response from the unvalidated enclosure URL via Http::sink()->get() and streams it back to the user, enabling full-read SSRF against internal services. This issue has been patched in version 9.3.5.
Published: 2026-06-12
Score: 7.7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Koel, a free, open-source music streaming platform, validates the podcast feed URL before fetching it (DNS resolution plus a public-IP check, the SafeUrl rule) but applies no such check to the individual episode <enclosure url="..."> values extracted from the RSS XML; those are stored as-is. When a user plays an episode, the server downloads the full HTTP response from the stored enclosure URL and streams it back to the user, which makes this a full-read Server-Side Request Forgery (SSRF), CWE-918: missing validation of the destination of an outbound request. The feed-level check does not help, because the feed itself can be hosted on any public server and still carry enclosure URLs that point at loopback, private or link-local addresses. An attacker can therefore read whatever the HTTP services reachable from the Koel host respond with, for example internal admin interfaces or VM metadata endpoints. Installations before version 9.3.5 are affected; the fix ships in 9.3.5 and later. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N, score 7.7 High) records that the attacker needs a low-privileged account on the instance (enough to add a podcast feed and play an episode) and no action by anyone else, that the confidentiality impact is high, and that scope changes because the data read belongs to systems other than Koel. The EPSS score below 1 % indicates a low estimated exploitation probability at the time of assessment, and the vulnerability is not listed in the CISA KEV catalog.
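The following is an added example, not Koel's code and not part of the OpenCVE page. It shows the pattern described above in Python: enclosure URLs are pulled out of a constructed RSS feed, and the unpatched flow stores them unvalidated while the fixed flow applies the same kind of check the feed URL gets (scheme allow-list, DNS resolution, reject any address that is not globally routable). `FAKE_DNS`, `resolve()`, `is_safe_url()` and the sample feed are assumptions made here so the block runs offline; real code would call `socket.getaddrinfo()` and check every address it returns.

```python
"""Added example, not Koel's code: apply the feed-URL style check to every
episode enclosure URL parsed out of a podcast feed (CVE-2026-47260 pattern).
"""
import ipaddress
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed stand-in for DNS so the example runs offline. Real code would
# call socket.getaddrinfo() and check every address it returns.
FAKE_DNS = {
    "cdn.example.com": ["93.184.216.34"],
    "internal.corp": ["10.0.0.5"],
    "metadata.cloud": ["169.254.169.254"],
    "rebind.example.org": ["93.184.216.34", "127.0.0.1"],  # mixed answers
}


def resolve(host):
    """Hypothetical resolver: returns the list of addresses for host."""
    return FAKE_DNS.get(host, [])


def is_safe_url(url):
    """True only for http(s) URLs whose host is, or resolves only to, public addresses."""
    parts = urlparse(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    try:
        # IP literal (urlparse has already stripped IPv6 brackets)
        addrs = [ipaddress.ip_address(parts.hostname)]
    except ValueError:
        addrs = [ipaddress.ip_address(a) for a in resolve(parts.hostname)]
    if not addrs:
        return False  # unresolvable: fail closed
    # Reject anything not globally routable (private, loopback, link-local
    # incl. 169.254.169.254, reserved) and multicast. Every answer must pass.
    return all(a.is_global and not a.is_multicast for a in addrs)


# Constructed feed: one public enclosure and five that must be rejected.
SAMPLE_FEED = """<rss version="2.0"><channel><title>Constructed feed</title>
<item><title>public host</title><enclosure url="https://cdn.example.com/ep1.mp3" type="audio/mpeg"/></item>
<item><title>loopback</title><enclosure url="http://127.0.0.1:8080/admin" type="audio/mpeg"/></item>
<item><title>private name</title><enclosure url="http://internal.corp/secret" type="audio/mpeg"/></item>
<item><title>metadata</title><enclosure url="http://metadata.cloud/latest/meta-data/" type="audio/mpeg"/></item>
<item><title>mixed dns</title><enclosure url="http://rebind.example.org/ep.mp3" type="audio/mpeg"/></item>
<item><title>bad scheme</title><enclosure url="file:///etc/passwd" type="audio/mpeg"/></item>
</channel></rss>"""


def extract_enclosures(xml_text):
    """Return [(episode title, enclosure url)] from an RSS 2.0 document."""
    root = ET.fromstring(xml_text)
    out = []
    for item in root.iter("item"):
        for enc in item.findall("enclosure"):
            if enc.get("url"):
                out.append((item.findtext("title", ""), enc.get("url")))
    return out


def import_episodes_vulnerable(xml_text):
    """Pre-9.3.5 pattern: enclosure URLs go to storage unvalidated."""
    return [url for _, url in extract_enclosures(xml_text)]


def import_episodes_fixed(xml_text):
    """Patched pattern: every enclosure URL must pass the same check as the feed URL."""
    accepted, rejected = [], []
    for title, url in extract_enclosures(xml_text):
        (accepted if is_safe_url(url) else rejected).append((title, url))
    return accepted, rejected


if __name__ == "__main__":
    print("stored unvalidated:", import_episodes_vulnerable(SAMPLE_FEED))
    ok, bad = import_episodes_fixed(SAMPLE_FEED)
    print("accepted:", ok)
    for title, url in bad:
        print("rejected:", title, url)
```

Two design points worth keeping whatever language the real fix is in: every DNS answer must pass, not just the first (the `rebind.example.org` case), and because playback happens long after import, a check at import time alone is not enough; the fetch path should resolve again and re-check the address it will actually connect to, and either refuse redirects or validate each redirect target the same way.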

Affected Systems

Koel installations running any version earlier than 9.3.5. All affected builds expose the bug when users can import or play podcast episodes.

Risk and Exploitability

The CVSS 3.1 score of 7.7 (High) reflects that a successful request reads arbitrary data from HTTP services reachable from the Koel host, with impact extending beyond Koel itself (S:C). The EPSS score below 1 % means exploitation in the wild is currently assessed as unlikely. The attacker must hold an account that can add podcast feeds (PR:L) and must trigger playback of a crafted episode; no action by other users is needed (UI:N), so exposure is limited to whoever can authenticate to the instance. Upgrading to 9.3.5 removes the flaw. Unpatched environments remain exposed to enclosure URLs aimed at private IP ranges, loopback services or internal APIs that respond over HTTP, and the feed-level SafeUrl check offers no protection because the feed carrying the malicious enclosures can sit on any public server.

Generated by OpenCVE AI on June 12, 2026 at 20:21 UTC.

Remediation

Fixed in Koel 9.3.5 (see the description above); the advisory lists no workaround for earlier versions.

OpenCVE Recommended Actions

  • Upgrade Koel to version 9.3.5 or later, where enclosure URLs are validated against unsafe addresses.
  • If an immediate upgrade is not possible, restrict outbound HTTP from the Koel host at the host or network firewall: block destinations in loopback (127.0.0.0/8, ::1), private (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, fc00::/7) and link-local (169.254.0.0/16, fe80::/10) ranges; the link-local range covers the usual cloud metadata endpoint. Blocking by destination address at connect time also catches hostnames that resolve to internal addresses, which a check on the URL string alone can miss. Koel still needs outbound access to arbitrary public podcast hosts, so a deny-list of internal ranges applied to all egress from the application is the practical form.
  • Log outbound HTTP requests from the Koel host (an egress proxy is the simplest place to do it) and alert on any request whose destination is a private, loopback or link-local address; treat such requests as likely SSRF attempts and review which account added the feed involved.
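As an added example of the logging recommendation (not part of the OpenCVE page or of Koel), the block below runs a detection over constructed egress-proxy log lines. The log format, the `KOEL_HOSTS` address and the sample lines are assumptions made for this example; the point is that the check keys on the address actually connected to, which is how a hostname that resolved to an internal address gets caught.

```python
"""Added example, not part of the OpenCVE page or of Koel: flag outbound HTTP
requests from the Koel host that reached internal addresses, over egress
proxy log lines. The log format below is constructed for this example:
<timestamp> <client-ip> <method> <url> <resolved-destination-ip> <status>
"""
import ipaddress
from urllib.parse import urlparse

# Assumption: the Koel application server's own address(es).
KOEL_HOSTS = {"10.20.0.15"}

# Constructed sample; the third line shows a hostname that resolved to an
# internal address, which a check on the URL string alone would not reveal.
SAMPLE_LOG = """\
2026-06-12T20:01:03Z 10.20.0.15 GET https://cdn.example.com/ep1.mp3 93.184.216.34 200
2026-06-12T20:01:09Z 10.20.0.15 GET http://169.254.169.254/latest/meta-data/iam/ 169.254.169.254 200
2026-06-12T20:01:12Z 10.20.0.15 GET http://internal.corp:8500/v1/kv/?recurse 10.0.0.5 200
2026-06-12T20:01:15Z 10.20.0.15 GET http://127.0.0.1:9000/ 127.0.0.1 403
2026-06-12T20:02:00Z 10.20.0.30 GET http://10.0.0.5/ 10.0.0.5 200
"""


def classify(ip_text):
    """Return None for a public address, else a short label for why it is internal."""
    ip = ipaddress.ip_address(ip_text)
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:
        return "link-local (cloud metadata range)"
    if ip.is_private:
        return "private"
    if not ip.is_global or ip.is_multicast:
        return "non-global"
    return None


def parse_line(line):
    """Split one constructed log line into its fields."""
    ts, client, method, url, dst, status = line.split()
    return {"ts": ts, "client": client, "method": method, "url": url,
            "dst": dst, "status": int(status)}


def find_ssrf_candidates(log_text, app_hosts=KOEL_HOSTS):
    """Requests from the app host whose destination address is internal."""
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec["client"] not in app_hosts:
            continue  # other clients are out of scope for this check
        reason = classify(rec["dst"])
        if reason is None:
            continue
        host = urlparse(rec["url"]).hostname
        rec["reason"] = reason
        rec["via_dns"] = host != rec["dst"]  # a name resolved to an internal address
        hits.append(rec)
    return hits


if __name__ == "__main__":
    for h in find_ssrf_candidates(SAMPLE_LOG):
        print(f'{h["ts"]} {h["client"]} -> {h["url"]} ({h["dst"]}, {h["reason"]}'
              f'{", via DNS" if h["via_dns"] else ""}) status={h["status"]}')
```

A non-200 status (the 403 from the loopback service) is still a hit: the request reached the internal listener, and that is the signal to act on. Pair the alert with the Koel-side record of which account added the podcast feed whose episodes were played at that time.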

Generated by OpenCVE AI on June 12, 2026 at 20:21 UTC.

Tracking


Advisories

Source: GitHub GHSA
ID: GHSA-7j2f-6h2r-6cqc
Title: Koel Vulnerable to SSRF via Podcast Episode Enclosure URLs
History

Fri, 12 Jun 2026 21:45:00 +0000

Type: First Time appeared
Values Added: Koel; Koel koel

Type: Vendors & Products
Values Added: Koel; Koel koel

Fri, 12 Jun 2026 19:45:00 +0000

Type: Description
Values Added: Koel is a free, open-source music streaming solution. Prior to version 9.3.5, Koel validates the podcast feed URL via the SafeUrl rule (DNS resolution + public IP check), but the individual episode <enclosure url="..."> values extracted from the RSS XML are stored directly into the database without any SSRF validation. When a user plays an episode, the server downloads the full HTTP response from the unvalidated enclosure URL via Http::sink()->get() and streams it back to the user, enabling full-read SSRF against internal services. This issue has been patched in version 9.3.5.

Type: Title
Values Added: Koel Vulnerable to SSRF via Podcast Episode Enclosure URLs

Type: Weaknesses
Values Added: CWE-918

Type: References
Values Added: (none listed)

Type: Metrics
Values Added: cvssV3_1 {'score': 7.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-12T18:50:42.766Z

Reserved: 2026-05-18T23:03:37.229Z

Link: CVE-2026-47260

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-06-12T20:16:46.320

Modified: 2026-06-12T20:16:46.320

Link: CVE-2026-47260

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-12T21:30:07Z

Weaknesses
  • CWE-918: Server-Side Request Forgery (SSRF)