Lucene search
K

739 matches found

Vulnrichment
Vulnrichment
added 2026/05/14 4:56 p.m.9 views

CVE-2026-44520 Docling-Graph: SSRF via Missing Internal IP Validation in URLInputHandler

Docling-Graph turns documents into validated Pydantic objects, then builds a directed knowledge graph with explicit semantic relationships. Prior to 1.5.1, the URLInputHandler class in doclinggraph/core/input/handlers.py makes HTTP requests to user-supplied URLs without validating whether the...

5.7CVSS5.8AI score0.00188EPSS
Exploits0References1
CVE
CVE
added 2026/05/14 4:56 p.m.19 views

CVE-2026-44520

Docling-Graph.js: The SSRF flaw arises in URLInputHandler, where URLs from untrusted sources are fetched without IP-level validation. Prior to version 1.5.1, the URLValidator only checked scheme and netloc, not private/loopback/link-local addresses, and requests.head() allowed redirects, enabling...

5.7CVSS5.8AI score0.00188EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.7 views

JunoClaw 代码问题漏洞

JunoClaw is a decentralized AI proxy platform developed by Dragonmonk111. Versions of JunoClaw prior to 0.x.y-security-1 contained code vulnerabilities. These vulnerabilities stemmed from the computeDataVerify function in the WAVS bridge, which did not validate the protocol, port, or parse the IP...

8.2CVSS5.9AI score0.0023EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.9 views

Unity Linux 20.1060e / 20.1070e Security Update: php (UTSA-2026-017496)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017496 advisory. In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filtervar$url, FILTERVALIDATEURL, PHP will accept an URL wi...

5.3CVSS6.8AI score0.02983EPSS
Exploits1References4
OSV
OSV
added 2026/05/10 9:16 p.m.10 views

DEBIAN-CVE-2026-45190

Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass. Inputs containing a trailing newline or non-ASCII digit characters pass the validators but are then re-encoded by the parser to a different address than the inp...

6.5CVSS5.8AI score0.00311EPSS
Exploits0References1
NVD
NVD
added 2026/05/10 9:16 p.m.21 views

CVE-2026-45190

Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass. Inputs containing a trailing newline or non-ASCII digit characters pass the validators but are then re-encoded by the parser to a different address than the inp...

6.5CVSS0.00311EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/10 8:15 p.m.13 views

CVE-2026-45190

Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass. Inputs containing a trailing newline or non-ASCII digit characters pass the validators but are then re-encoded by the parser to a different address than the inp...

5.8AI score0.00311EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/10 8:15 p.m.9 views

CVE-2026-45190 Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass

Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass. Inputs containing a trailing newline or non-ASCII digit characters pass the validators but are then re-encoded by the parser to a different address than the inp...

5.8AI score0.00311EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/05/10 8:15 p.m.13 views

CVE-2026-45190

Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass. Inputs containing a trailing newline or non-ASCII digit characters pass the validators but are then re-encoded by the parser to a different address than the inp...

6.5CVSS5.8AI score0.00311EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/09 12:0 a.m.11 views

Linkwarden 代码问题漏洞

Linkwarden is a self-hosted collaborative bookmark manager developed by Linkwarden OpenSource. Versions of Linkwarden prior to 2.13.0 had code vulnerabilities. These vulnerabilities stemmed from insufficient URL validation in the fetchTitleAndHeaders function, which only checked the http:// or...

9.1CVSS6AI score0.00285EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/08 10:17 p.m.59 views

CVE-2026-44286 FastGPT: SSRF Vulnerability in Laf Workflow Node via Missing Internal Address Validation

FastGPT is an AI Agent building platform. Prior to version 4.14.17, an unauthenticated Server-Side Request Forgery SSRF vulnerability allows attackers or authenticated users with App editing privileges to send arbitrary HTTP requests to internal/private network addresses. The fetchData function i...

2.3CVSS0.00228EPSS
Exploits0References2
CVE
CVE
added 2026/05/08 10:17 p.m.27 views

CVE-2026-44286

FastGPT (AI Agent platform) contains an SSRF in the lafModule workflow node: fetchData fetches user-controlled URLs with axios without checking the internal-address blocklist (isInternalAddress), allowing requests to internal/private networks. This affects versions before 4.14.17 and can be trigg...

2.3CVSS5.9AI score0.00228EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.16 views

PT-2026-39224

Name of the Vulnerable Software and Affected Versions Linkwarden versions prior to 2.13.0 Description Insufficient URL validation in the fetchTitleAndHeaders function allows authenticated users to perform Server-Side Request Forgery SSRF, a flaw where the server is tricked into making requests to...

9.1CVSS5.9AI score0.00285EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.9 views

FastGPT 代码问题漏洞

FastGPT is an open-source knowledge base question-answering system based on large language models developed by Labring. Versions of FastGPT prior to 4.14.17 contained code vulnerabilities. These vulnerabilities stemmed from the fetchData function in the lafModule workflow node, which used axios t...

2.3CVSS5.9AI score0.00228EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/07 9:30 p.m.12 views

Ech0's OAuth redirect URI validation ignores path component, enables exchange-code theft

Summary parseAndValidateClientRedirect at internal/service/auth/auth.go:448 validates OAuth client-redirect URIs by comparing only scheme and host against the admin-configured allowlist. Path, query, and fragment are ignored. The initiator at /oauth/:provider/login embeds the caller-supplied...

5.9AI score
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/07 6:54 p.m.7 views

CVE-2026-42259 Saltcorn: Open Redirect in `POST /auth/login` due to incomplete `is_relative_url` validation (backslash bypass)

Saltcorn is an extensible, open source, no-code database application builder. Prior to versions 1.4.6, 1.5.6, and 1.6.0-beta.5, Saltcorn validates the post-login dest parameter with a string check that only blocks :/ and //. Because all WHATWG-compliant browsers normalise backslashes \ to forward...

5.1CVSS5.7AI score0.00339EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/07 1:48 p.m.32 views

CVE-2026-41687 Wallos: SSRF CGNAT Bypass in subscription/payments Logo URL — is_cgnat_ip() Not Used in Inline Checks

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.8.1, the SSRF protection in endpoints/subscription/add.php line 42 and endpoints/payments/add.php line 40 uses an inline IP validation check FILTERFLAGNOPRIVRANGE | FILTERFLAGNORESRANGE that does not block...

4.3CVSS0.00204EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/07 3:15 a.m.16 views

docling-graph has SSRF via Missing Internal IP Validation in URLInputHandler

Impact The URLInputHandler class in doclinggraph/core/input/handlers.py makes HTTP requests to user-supplied URLs without validating whether the target resolves to a private, loopback, or link-local IP address. The URLValidator only checks for a valid scheme and non-empty netloc, performing no...

5.7CVSS5.8AI score0.00188EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/05/07 2:16 a.m.11 views

CVE-2026-40003

ZTE ZX297520V3 BootROM contains a vulnerability that allows arbitrary memory writes via USB. Attackers can exploit the lack of target address validation in the USB download mode to write data to any location in BootROM runtime memory, thereby overwriting the stack, hijacking the execution flow,...

6.8CVSS0.00296EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.14 views

PT-2026-38322

Name of the Vulnerable Software and Affected Versions ZTE ZX297520V3 affected versions not specified Description The BootROM contains an issue allowing arbitrary memory writes via USB. Due to a lack of target address validation in the USB download mode, it is possible to write data to any locatio...

6.8CVSS6.1AI score0.00296EPSS
Exploits1References9
Rows per page
Query Builder