[MEDIUM] Saloon is vulnerable to SSRF and credential leakage via absolute URL in endpoint overriding base URL

PKSA-5szq-gvrg-ttfq CVE-2026-33182 GHSA-c83f-3xp6-hfcp

Affected package: saloonphp/saloon

Affected version: <4.0.0

Reported by:
GitHub