EUVD-2026-34771

The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.1.3 via the saveaigeneratedimage function. This makes it possible for authenticated attackers, with Author-level...

Geyser 代码问题漏洞

Geyser is a cross-platform game version bridging proxy tool developed by GeyserMC. Versions of Geyser prior to 2.9.3 contained code vulnerabilities. These vulnerabilities stemmed from server-side request forgeing when processing texture data for players’ heads in Minecraft. This allowed attackers...

CVE-2026-2948

The vulnerability CVE-2026-2948 affects the Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem plugin for WordPress (versions ≤ 3.5.3). It permits Server-Side Request Forgery via the import_images() function, exploitable by authenticated users with contributor-level access or higher. T...

CVE-2026-2948

The Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 3.5.3 via the importimages function. This makes it possible for authenticated attackers, with contributor-level access and above, t...

CVE-2026-6812

The Ona theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.26 via the onaactivatechildtheme. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests to arbitrary locations originating...

CVE-2026-31955

Xibo is an open source digital signage platform with a web content management system and Windows display player software. An authenticated Server-Side Request Forgery SSRF vulnerability in versions prior to 4.4.1 allows users with DataSet permissions to make arbitrary HTTP requests from the CMS...

CVE-2026-40089

Sonicverse is a Self-hosted Docker Compose stack for live radio streaming. The Sonicverse Radio Audio Streaming Stack dashboard contains a Server-Side Request Forgery SSRF vulnerability in its API client apps/dashboard/lib/api.ts. Installations created using the provided install.sh script includi...

CVE-2026-40089

Sonicverse is a Self-hosted Docker Compose stack for live radio streaming. The Sonicverse Radio Audio Streaming Stack dashboard contains a Server-Side Request Forgery SSRF vulnerability in its API client apps/dashboard/lib/api.ts. Installations created using the provided install.sh script includi...

CVE-2026-40089 Sonicverse has Server-Side Request Forgery via user-controlled URLs in dashboard API client

Sonicverse is a Self-hosted Docker Compose stack for live radio streaming. The Sonicverse Radio Audio Streaming Stack dashboard contains a Server-Side Request Forgery SSRF vulnerability in its API client apps/dashboard/lib/api.ts. Installations created using the provided install.sh script includi...

CVE-2026-40072

CVE-2026-40072 – SSRF via CCIP Read in web3.py Affected: web3.py (Python library) versions 6.0.0b3 through before 7.15.0 and 8.0.0b2. The CCIP Read / OffchainLookup (EIP-3668) implementation fetches URLs supplied by contracts without destination validation and with default-on exposure (global_cci...

n8n-MCP 代码问题漏洞

n8n-MCP is a model context protocol server developed by Romuald Członkowski, an individual developer. Versions of n8n-MCP prior to 2.47.4 contained code vulnerabilities. These vulnerabilities stemmed from authenticated server-side request forgery attacks, which could allow callers with a valid...

Sonicverse 代码问题漏洞

Sonicverse is an open-source, hosted real-time radio audio streaming solution developed by Sonicverse. There are code-related vulnerabilities in Sonicverse; these vulnerabilities stem from the API client accepting user-controlled URLs with insufficient validation. This could allow authenticated...

CVE-2026-34753

vLLM is an inference and serving engine for large language models LLMs. From 0.16.0 to before 0.19.0, a server-side request forgery SSRF vulnerability in downloadbytesfromurl allows any actor who can control batch input JSON to make the vLLM batch runner issue arbitrary HTTP/HTTPS requests from t...

CVE-2026-34753

The CVE-2026-34753 issue is an SSRF in vLLM’s download_bytes_from_url used by the batch runner. Attacker-controlled batch input JSON can set file_url to arbitrary HTTP(S) URLs, and the code fetches them without URL validation, allowing requests from the vLLM host to internal or external targets (...

CVE-2026-34753 vLLM affected by Server-Side Request Forgery (SSRF) in `download_bytes_from_url `

vLLM is an inference and serving engine for large language models LLMs. From 0.16.0 to before 0.19.0, a server-side request forgery SSRF vulnerability in downloadbytesfromurl allows any actor who can control batch input JSON to make the vLLM batch runner issue arbitrary HTTP/HTTPS requests from t...

PT-2026-30275

Summary A Server Side Request Forgery SSRF vulnerability in download bytes from url allows any actor who can control batch input JSON to make the vLLM batch runner issue arbitrary HTTP/HTTPS requests from the server, without any URL validation or domain restrictions. This can be used to target...

EUVD-2026-11381

SiYuan has a Full-Read SSRF via /api/network/forwardProxy...

CVE-2026-32110 SiYuan has a Full-Read SSRF via /api/network/forwardProxy

SiYuan is a personal knowledge management system. Prior to 3.6.0, the /api/network/forwardProxy endpoint allows authenticated users to make arbitrary HTTP requests from the server. The endpoint accepts a user-controlled URL and makes HTTP requests to it, returning the full response body and...

CVE-2026-32110

SiYuan (personal knowledge management system) suffers a Full-Read SSRF via the /api/network/forwardProxy endpoint prior to version 3.6.0. Authenticated users can supply a user-controlled URL and trigger the server to fetch arbitrary HTTP resources, with the system returning the full response body...

CVE-2026-32110 SiYuan has a Full-Read SSRF via /api/network/forwardProxy

SiYuan is a personal knowledge management system. Prior to 3.6.0, the /api/network/forwardProxy endpoint allows authenticated users to make arbitrary HTTP requests from the server. The endpoint accepts a user-controlled URL and makes HTTP requests to it, returning the full response body and...