https://vulnerability.circl.lu/sightings/feed 2026-06-20T18:28:38.846261+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/68613644-59ab-4394-b841-9335a538b3b2/export 2026-06-20T18:28:39.221170+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "68613644-59ab-4394-b841-9335a538b3b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12566", "type": "seen", "source": "https://gist.github.com/alon710/d4f4b73b0a184d9eef118aa0970357bf", "content": "# CVE-2026-12566: CVE-2026-12566: Server-Side Request Forgery (SSRF) in Black Lantern Security BBOT docker_pull Module\n\n> **CVSS Score:** 3.1\n> **Published:** 2026-06-18\n> **Full Report:** https://cvereports.com/reports/CVE-2026-12566\n\n## Summary\nA Server-Side Request Forgery (SSRF) vulnerability exists in the docker_pull module of Black Lantern Security BBOT. By returning a maliciously crafted WWW-Authenticate header from a rogue Docker registry or executing a Man-in-the-Middle (MitM) attack, an attacker can coerce the BBOT scanner into making arbitrary HTTP requests to internal system services or external infrastructure, potentially disclosing sensitive authorization tokens and host metadata.\n\n## TL;DR\nBlack Lantern Security BBOT's docker_pull module blindly parses and requests the realm URL from a Docker registry's WWW-Authenticate header, leading to Server-Side Request Forgery (SSRF) and potential credential exposure.\n\n## Technical Details\n\n- **CWE ID**: CWE-918\n- **Attack Vector**: Network\n- **CVSS v3.1 Score**: 3.1 (Low)\n- **EPSS Score**: 0.00167\n- **Impact**: Low-severity information disclosure and Server-Side Request Forgery\n- **Exploit Status**: none\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- Black Lantern Security BBOT (docker_pull module)\n- **BBOT**: >= 2.0.0, <= 2.8.4 (Fixed in: `2.8.5`)\n\n## Mitigation\n\n- Upgrade BBOT to version 2.8.5 or higher.\n- Enforce network segmentation and firewall rules to block scanner egress traffic to private IP addresses (RFC 1918).\n- Enforce IMDSv2 with a hop limit of 1 on cloud instances executing active scanning utilities.\n- Implement a forwarding proxy configured to reject connection requests targeting local or loopback interfaces.\n\n**Remediation Steps:**\n1. Identify all running BBOT deployments and check their current versions.\n2. Execute the update procedure using the package manager: `pip install --upgrade bbot` or update the Docker container pull to use the latest image tag (>= 2.8.5).\n3. Review the outgoing network security groups of scanning hosts and restrict outbound routing strictly to public IP spaces.\n\n## References\n\n- [BBOT Git Commit Patch](https://github.com/blacklanternsecurity/bbot/commit/c2f4bc0f4e4bb4d00f06750dcabf1d9c74c0d3b4)\n- [CVE-2026-12566 Record on CVE.org](https://www.cve.org/CVERecord?id=CVE-2026-12566)\n- [NVD Vulnerability Detail Database Entry](https://nvd.nist.gov/vuln/detail/CVE-2026-12566)\n- [CWE-918: Server-Side Request Forgery](https://cwe.mitre.org/data/definitions/918.html)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-12566) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-18T16:41:21.000000Z"} 2026-06-18T16:41:21+00:00