Mercator

PII Extraction via JSON DSL query For PoC, check my github : https://github.com/hadhub/CVE-2026-49344-Mercator-JSON-DSL The advisory : …

SSRF inside Provider feature For PoC, check my github : https://github.com/hadhub/CVE-2026-49345-Mercator-SSRF The advisory : …

Description A low-privileged user (with the User role) can achieve a full administrator account takeover on Mercator by injecting a …