360 matches found
CVE-2026-21037
Improper input validation in Samsung Members prior to version 5.8.01.5 allows local attackers to access arbitrary URL and launch arbitrary activity with Samsung Members privilege...
EUVD-2026-34809
Improper input validation in Samsung Members prior to version 5.8.01.5 allows local attackers to access arbitrary URL and launch arbitrary activity with Samsung Members privilege...
CVE-2026-21037
Improper input validation in Samsung Members prior to version 5.8.01.5 allows local attackers to access arbitrary URL and launch arbitrary activity with Samsung Members privilege...
CVE-2026-21037
Improper input validation in Samsung Members prior to version 5.8.01.5 allows local attackers to access arbitrary URL and launch arbitrary activity with Samsung Members privilege...
CVE-2026-45412 MaxKB: Unauthenticated SSRF via Workflow Template Import
MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.1, SSRF via workflowtemplate Import. Authenticated users can supply arbitrary URLs in workflowtemplate.downloadUrl which are fetched server-side without any URL validation or internal IP filtering. This vulnerability is fixed in...
MaxKB 代码问题漏洞
MaxKB is an open-source question-answering system based on large language models and RAG, developed by 1Panel-dev. Versions of MaxKB prior to 2.9.1 contained code vulnerabilities. These vulnerabilities stemmed from the work-flowtemplate import feature, where authenticated users could provide...
Anthropic / Microsoft MCP Server-Side Request Forgery
Both Anthropic mcp-server-fetch and Microsoft playwright-mcp suffer from server-side request forgery vulnerabilities by accepting arbitrary URLs passed by the AI agent/client without any allowlist enforcement, IP range blocking, or internal network filtering...
DEBIAN-CVE-2026-40295
Devise is an authentication solution for Rails based on Warden. In versions 5.0.3 and below, when the Timeoutable module is enabled in Devise, the FailureAppredirecturl method returns request.referrer — the HTTP Referer header, which is attacker-controllable — without validation for any non-GET...
CVE-2025-26483
Dell PowerFlex Manager, versions 4.6.2 and prior, contains an Open Redirect Vulnerability. An unauthenticated attacker could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to...
CVE-2025-26483
Dell PowerFlex Manager, versions 4.6.2 and prior, contains an Open Redirect Vulnerability. An unauthenticated attacker could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to...
PT-2026-42756
Dell PowerFlex Manager, versions 4.6.2 and prior, contains an Open Redirect Vulnerability. An unauthenticated attacker could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to...
Dell PowerFlex Manager 输入验证错误漏洞
Dell PowerFlex Manager is a product of the American company Dell. Versions of Dell PowerFlex Manager prior to 4.6.2 contained a vulnerability related to input validation. This vulnerability stemmed from open redirection, allowing unauthenticated attackers to redirect target application users to...
CVE-2026-8706
Firefox for iOS hosted Reader mode on an unauthenticated local web server, allowing another application on the same device to request arbitrary URLs and receive the response rendered with the signed-in user's cookies. This vulnerability was fixed in Firefox for iOS 151.0...
CVE-2026-8706
Firefox for iOS hosted Reader mode on an unauthenticated local web server, allowing another application on the same device to request arbitrary URLs and receive the response rendered with the signed-in user's cookies. This vulnerability was fixed in Firefox for iOS 151.0...
CVE-2026-8706
Firefox for iOS hosted Reader mode on an unauthenticated local web server, allowing another application on the same device to request arbitrary URLs and receive the response rendered with the signed-in user's cookies. This vulnerability was fixed in Firefox for iOS 151.0...
terrascan 代码问题漏洞
Trenescan is an open-source infrastructure code static security analysis tool developed by Tenable. Versions of Trenescan 1.18.3 and earlier contained code vulnerabilities. These vulnerabilities stemmed from a server-side request forgeing vulnerability in the webhookurl parameter of the file...
Security Vulnerabilities fixed in Firefox for iOS 151.0 — Mozilla
Firefox for iOS hosted Reader mode on an unauthenticated local web server, allowing another application on the same device to request arbitrary URLs and receive the response rendered with the signed-in user's cookies...
CVE-2026-42858
Open edX Platform contains a server-side request forgery (SSRF) in the sync_provider_data endpoint of SAMLProviderDataViewSet. An authenticated Enterprise Admin can supply an arbitrary URL via the metadata_url parameter, which is passed to requests.get() in fetch_metadata_xml() without URL valida...
CVE-2026-41644
monetr is a budgeting application for recurring expenses. Prior to version 1.12.5, a server-side request forgery SSRF vulnerability in monetr's Lunch Flow integration allowed any authenticated user on a self-hosted instance to cause the monetr server to issue HTTP GET requests to arbitrary URLs...
CVE-2026-41644 monetr is vulnerable to server-side request forgery in Lunch Flow link creation and refresh
monetr is a budgeting application for recurring expenses. Prior to version 1.12.5, a server-side request forgery SSRF vulnerability in monetr's Lunch Flow integration allowed any authenticated user on a self-hosted instance to cause the monetr server to issue HTTP GET requests to arbitrary URLs...