CVE-2026-12975
HighCVSS 8.5Exploitation Probability (EPSS)
Low risk14th percentile - higher than 14% of all known CVEs
Summary
A flaw was found in Apicurio Registry where the ContentTypeUtil.isParsableXml() method creates a SAXParserFactory without enabling secure processing features or disabling external entity resolution. An attacker with artifact-write permission (or unauthenticated when the registry runs with default configuration) can upload a crafted XML document to trigger blind server-side request forgery (SSRF) via external DTD/entity fetch, or cause denial of service via entity expansion.
Risk Assessment
The risk includes potential SSRF attacks that could expose internal network resources, and DoS attacks that could disrupt service availability. Under default configuration, the attack can be performed without authentication.
Recommendation
Immediately update Apicurio Registry to a patched version. Until then, enable secure XML processing in the configuration and restrict artifact-write permissions.
Original NVD description (English source)
A flaw was found in Apicurio Registry. The ContentTypeUtil.isParsableXml() method creates a SAXParserFactory without enabling secure processing features or disabling external entity resolution. An attacker with artifact-write permission (or unauthenticated when the registry runs with default configuration) can upload a crafted XML document to trigger blind server-side request forgery (SSRF) via external DTD/entity fetch, or cause denial of service via entity expansion.

