35 matches found
EUVD-2026-33273
Mautic Focus component Vulnerable to SSRF...
EUVD-2026-39638
The WSO2 API Manager's message flow component, when processing WS-Addressing headers, does not sufficiently validate or restrict user-controlled input within these headers. This omission allows an attacker to manipulate WS-Addressing headers to specify arbitrary destinations for server-initiated...
PT-2026-52667
Name of the Vulnerable Software and Affected Versions WSO2 API Manager affected versions not specified Description The message flow component fails to sufficiently validate or restrict user-controlled input within WS-Addressing headers. This allows an unauthenticated attacker to manipulate these...
GHSA-24FP-5V3P-RVPW Chisel has an ACL Bypass via Post-Handshake SSH Channel ExtraData Injection
Summary Authenticated chisel clients can bypass --authfile ACL restrictions and tunnel traffic to arbitrary destinations reachable from the server. The ACL is enforced only during the initial handshake against declared remotes, but never on subsequent SSH channels that carry actual traffic. A...
CVE-2026-5936
An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to initiate requests to arbitrary destinations. This behavior may be exploited to probe internal network services, access otherwise unreachable endpoints e.g., cloud metadata services, or bypass...
CVE-2026-44258
efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the elfindercheckRisk function validates target and targets for path traversal and home containment, but does not validate the dst destination parameter used by elfinderpaste. An attacker can copy or move files from within the home...
CVE-2026-5936
An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to initiate requests to arbitrary destinations. This behavior may be exploited to probe internal network services, access otherwise unreachable endpoints e.g., cloud metadata services, or bypass...
CVE-2026-5936
CVE-2026-5936 pertains to Foxit PDF Services API and describes a server-side request forgery (SSRF) where an attacker can influence a server to perform HTTP requests to arbitrary destinations by supplying a crafted URL. Affects the component handling URL parameters; this can enable probing intern...
CVE-2026-5936
An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to initiate requests to arbitrary destinations. This behavior may be exploited to probe internal network services, access otherwise unreachable endpoints e.g., cloud metadata services, or bypass...
PT-2026-32283
An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to initiate requests to arbitrary destinations. This behavior may be exploited to probe internal network services, access otherwise unreachable endpoints e.g., cloud metadata services, or bypass...
CVE-2026-40072
web3.py allows you to interact with the Ethereum blockchain using Python. From 6.0.0b3 to before 7.15.0 and 8.0.0b2, web3.py implements CCIP Read / OffchainLookup EIP-3668 by performing HTTP requests to URLs supplied by smart contracts in offchainlookuppayload"urls". The implementation uses these...
CVE-2026-0932
Blind server-side request forgery SSRF vulnerability in legacy connection methods of document co-authoring features in M-Files Server before 26.3 allow an unauthenticated attacker to cause the server to send HTTP GET requests to arbitrary URLs...
CVE-2026-27472 SPIP < 4.4.9 Blind Server-Side Request Forgery via Syndicated Sites
SPIP before 4.4.9 allows Blind Server-Side Request Forgery SSRF via syndicated sites in the private area. When editing a syndicated site, the application does not verify that the syndication URL is a valid remote URL, allowing an authenticated attacker to make the server issue requests to arbitra...
Linux Distros Unpatched Vulnerability : CVE-2026-27472
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SPIP before 4.4.9 allows Blind Server-Side Request Forgery SSRF via syndicated sites in the private area. When editing a syndicated site, the application does n...
PT-2026-20845
Name of the Vulnerable Software and Affected Versions SPIP versions prior to 4.4.9 Description SPIP before version 4.4.9 contains a Blind Server-Side Request Forgery SSRF issue related to syndicated sites within the private area. The application does not validate the syndication URL when editing ...
PT-2025-53337
Name of the Vulnerable Software and Affected Versions Teradek VidiU Pro version 3.0.3 Description The software contains a server-side request forgery issue in the management interface. Attackers can manipulate GET parameters url and xml url to bypass firewalls, perform network enumeration, and...
CVE-2023-53893
Ateme TITAN File 3.9.12.4 contains an authenticated server-side request forgery vulnerability in the job callback URL parameter that allows attackers to bypass network restrictions. Attackers can exploit the unvalidated parameter to initiate file, service, and network enumeration by forcing the...
CVE-2023-53893
Ateme TITAN File 3.9.12.4 contains an authenticated server-side request forgery vulnerability in the job callback URL parameter that allows attackers to bypass network restrictions. Attackers can exploit the unvalidated parameter to initiate file, service, and network enumeration by forcing the...
CVE-2023-53893
Ateme TITAN File 3.9.12.4 contains an authenticated server-side request forgery vulnerability in the job callback URL parameter that allows attackers to bypass network restrictions. Attackers can exploit the unvalidated parameter to initiate file, service, and network enumeration by forcing the...
Server-Side Request Forgery (SSRF)
Open WebUI is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to insufficient validation of user-supplied URLs, allowing authenticated users to force the server to send HTTP requests to arbitrary destinations, which may enable access to internal services, cloud metadata...