A vulnerability categorized as critical has been discovered in Erlang OTP up to 6.x . Impacted is an unknown function in the library lib/inets/src/ftp/ftp_internal.erl of the component PASV Handler . Executing a manipulation can lead to server-side request forgery. This vulnerability is registered as CVE-2026-48858 . It is possible to launch the attack remotely. No exploit is available. It is advisable to upgrade the affected component.