CVE-2026-9813 FlowIntel external reference URL probe allows server-side request forgery
FlowIntel up to version 3.3.0 contains a server-side request forgery (SSRF) vulnerability in the external reference URL probe functionality in app/case/task.py. An attacker who can submit an external reference URL can cause the application server to issue an HTTP HEAD request to an attacker-specifi...
CVE-2026-30118
scalar/astro v0.1.13 was discovered to contain a Server-Side Request Forgery (SSRF) in the scalarurl query parameter of the Scalar Proxy endpoint. This vulnerability allows unauthenticated attackers to force the backend server to send HTTP requests to attacker-controlled URLs, leading to...
Jenkins GitHub Branch Source Plugin Security Vulnerability
Jenkins GitHub Branch Source Plugin is an open-source plugin for Jenkins that provides continuous integration capabilities, enabling discovery of code hosting platforms and the selection of build branches. The Jenkins GitHub Branch Source Plugin versions 1967.vdead580c1aba and earlier contain...
Server-Side Request Forgery
Glances is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to insufficient validation of the publicapi configuration parameter in the IP plugin, where attacker-controlled URLs are used directly in outbound HTTP requests without scheme or hostname restrictions, allowing...
CVE-2026-35578
CVE-2026-35578 affects ChurchCRM prior to version 7.0.0, where an Open Redirect can be triggered via the linkBack URL parameter in DonatedItemEditor.php. The vulnerability allows an authenticated user to be redirected to an attacker-specified URL when interacting with certain Cancel flows. The is...
PT-2026-30228
prompts.chat prior to commit 30a8f04 contains a server-side request forgery vulnerability in Fal.ai media status polling that allows authenticated users to perform arbitrary outbound requests by supplying attacker-controlled URLs in the token parameter. Attackers can exploit the lack of URL...
Inference-Time Backdoors Via Hidden Instructions in LLM Chat Templates
Open-weight language models are increasingly used in production settings, raising new security challenges. One prominent threat in this context is backdoor attacks, in which adversaries embed hidden behaviors in language models that activate under specific conditions. Previous work has assumed th...
Server-Side Request Forgery (SSRF)
Chainlit is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to fetching attacker-controlled URLs during element updates, where the SQLAlchemy data layer performs outbound HTTP GET requests on user-supplied url values, allowing authenticated attackers to access internal...
CVE-2025-69195
CVE-2025-69195 affects wget2. A stack-based buffer overflow in the filename sanitization logic (notably get_local_filename_real) can be triggered by attacker-controlled URL paths, potentially causing memory corruption on user interaction. Public advisories indicate a fix in wget2 2.2.1 (and relat...
EUVD-2025-201846
SAP BusinessObjects Business Intelligence Platform lets an unauthenticated remote attacker send crafted requests through the URL parameter that controls the login page error message. This can cause the server to fetch attacker-supplied URLs, resulting in low impact to confidentiality and integrit...
CVE-2023-24437
A cross-site request forgery (CSRF) vulnerability in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
PT-2023-19619 · Jenkins · Jenkins Bearychat Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins BearyChat Plugin versions 3.0.2 and earlier Description: A missing permission check in the plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL. Recommendations: For Jenkins BearyChat Plugin...
Japan Construction Information Center DENSHI NYUSATSU CORE SYSTEM Input Validation Error Vulnerability
Japan Construction Information Center DENSHI NYUSATSU CORE SYSTEM is a construction core management system from Japan Construction Information Center, Inc. A security vulnerability exists in the Japan Construction Information Center DENSHI NYUSATSU CORE SYSTEM that originates when a user accesses...
PT-2022-22082 · Vmware +1 · Jenkins Vrealize Orchestrator Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins vRealize Orchestrator Plugin versions 3.0 and earlier Description: A cross-site request forgery (CSRF) vulnerability allows attackers to send an HTTP POST request to an attacker-specified URL. This issue enables attackers to perform...
jenkins-2-plugins/blueocean: Blue Ocean Plugin does not perform permission checks in several HTTP endpoints implementing connection tests.
A missing permission check in Jenkins Blue Ocean Plugin 1.23.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...