A vulnerability described as critical has been identified in WSO2 API Manager up to 3.0.x . This affects an unknown part of the component Destination Handler . Executing a manipulation can lead to server-side request forgery. The identification of this vulnerability is CVE-2026-2053 . The attack may be launched remotely. There is no exploit available. Upgrading the affected component is recommended.