Lucene search
K

244 matches found

NVD
NVD
added 2 days ago13 views

CVE-2026-56259

Crawl4AI before 0.8.8 contains credential exfiltration vulnerabilities in the Docker API server that allow attackers to redirect LLM API calls to attacker-controlled endpoints and read arbitrary environment variables. Attackers can exploit the unauthenticated /md, /llm, and /llm/job endpoints by...

8.8CVSS0.00268EPSS
Exploits0References2
OSV
OSV
added 2 days ago3 views

CVE-2026-56259 Crawl4AI - LLM Credential Exfiltration via base_url and Environment Variable Resolution

Crawl4AI before 0.8.8 contains credential exfiltration vulnerabilities in the Docker API server that allow attackers to redirect LLM API calls to attacker-controlled endpoints and read arbitrary environment variables. Attackers can exploit the unauthenticated /md, /llm, and /llm/job endpoints by...

8.8CVSS6.2AI score0.00268EPSS
Exploits0References4
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42106

mem0 contains unauthenticated config API endpoints that expose LLM API keys in plaintext and allow server-side request forgery via attacker-controlled ollamabaseurl parameter. Unauthenticated attackers can retrieve stored secrets like OpenAI API keys via GET /api/v1/config/ or trigger SSRF attack...

9.3CVSS6AI score0.00259EPSS
Exploits0References5
NVD
NVD
added last week8 views

CVE-2026-59706

mem0 contains unauthenticated config API endpoints that expose LLM API keys in plaintext and allow server-side request forgery via attacker-controlled ollamabaseurl parameter. Unauthenticated attackers can retrieve stored secrets like OpenAI API keys via GET /api/v1/config/ or trigger SSRF attack...

9.3CVSS0.00259EPSS
Exploits0References4
Cvelist
Cvelist
added last week24 views

CVE-2026-59706 mem0 - Unauthenticated Config API Exposure and SSRF via ollama_base_url

mem0 contains unauthenticated config API endpoints that expose LLM API keys in plaintext and allow server-side request forgery via attacker-controlled ollamabaseurl parameter. Unauthenticated attackers can retrieve stored secrets like OpenAI API keys via GET /api/v1/config/ or trigger SSRF attack...

9.3CVSS0.00259EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added last week6 views

CVE-2026-59706

mem0 contains unauthenticated config API endpoints that expose LLM API keys in plaintext and allow server-side request forgery via attacker-controlled ollamabaseurl parameter. Unauthenticated attackers can retrieve stored secrets like OpenAI API keys via GET /api/v1/config/ or trigger SSRF attack...

9.3CVSS6AI score0.00259EPSS
Exploits0References5
OSV
OSV
added 2026/07/02 2:13 p.m.5 views

PYSEC-2026-647 Open Redirect vulnerability in jupyterhub and notebook

An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.8 and some browsers Chrome, Firefox in JupyterHub before 0.9.6 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a baseurl prefix are not affecte...

6.1CVSS6.6AI score0.01741EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/06/25 3:50 p.m.7 views

CVE-2026-54033

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, LibreChat allows users to configure custom OpenAI-compatible API endpoints by setting a baseURL. This URL is used to construct HTTP requests without any SSRF validation — no private IP check, no scheme...

7.7CVSS5.9AI score0.00207EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/06/25 3:50 p.m.34 views

CVE-2026-54033 LibreChat: SSRF via User-Provided Custom Endpoint baseURL — no private IP validation on user-configured API base URLs

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, LibreChat allows users to configure custom OpenAI-compatible API endpoints by setting a baseURL. This URL is used to construct HTTP requests without any SSRF validation — no private IP check, no scheme...

7.7CVSS0.00207EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/25 3:50 p.m.5 views

EUVD-2026-39460

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, LibreChat allows users to configure custom OpenAI-compatible API endpoints by setting a baseURL. This URL is used to construct HTTP requests without any SSRF validation — no private IP check, no scheme...

7.7CVSS5.9AI score0.00207EPSS
Exploits1References1
NVD
NVD
added 2026/06/23 1:16 p.m.12 views

CVE-2026-56275

Flowise before 3.1.0 contains a server-side request forgery vulnerability in the Execute Flow node that allows attackers to bypass security validation by providing intranet addresses through the base URL field. Attackers can initiate HTTP requests to internal network addresses, access cloud...

7.1CVSS0.00183EPSS
Exploits1References2
CVE
CVE
added 2026/06/23 12:13 p.m.15 views

CVE-2026-56275

CVE-2026-56275 concerns Flowise prior to 3.1.0, where the Execute Flow node is vulnerable to a server-side request forgery (SSRF). By supplying intranet addresses in the base URL field, an attacker can bypass security validation and initiate HTTP requests to internal network addresses, potentiall...

7.1CVSS5.9AI score0.00183EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 12:13 p.m.6 views

CVE-2026-56275

Flowise before 3.1.0 contains a server-side request forgery vulnerability in the Execute Flow node that allows attackers to bypass security validation by providing intranet addresses through the base URL field. Attackers can initiate HTTP requests to internal network addresses, access cloud...

6CVSS5.9AI score0.00183EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/23 12:13 p.m.42 views

CVE-2026-56275 Flowise - Server-Side Request Forgery via Execute Flow Base URL

Flowise before 3.1.0 contains a server-side request forgery vulnerability in the Execute Flow node that allows attackers to bypass security validation by providing intranet addresses through the base URL field. Attackers can initiate HTTP requests to internal network addresses, access cloud...

6CVSS0.00183EPSS
Exploits1References2
NVD
NVD
added 2026/06/18 4:16 p.m.10 views

CVE-2025-58175

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.26.4 and 2.27.3, a GeoServer that uses ENTITYRESOLUTIONALLOWLIST may allow attacker to perform unauthenticated Server-Side Request Forgery SSRF. This vulnerability requires that GeoServer i...

8.2CVSS0.00287EPSS
Exploits0References3
CVE
CVE
added 2026/06/18 2:31 p.m.29 views

CVE-2025-58175

CVE-2025-58175 affects GeoServer prior to 2.26.4 and 2.27.3. When GeoServer is configured to use a proxy base URL and ENTITY_RESOLUTION_ALLOWLIST, an unauthenticated Server-Side Request Forgery (SSRF) can be triggered. The issue only affects installations where the proxy base URL lacks a URL path...

8.2CVSS5.3AI score0.00287EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/16 9:0 p.m.7 views

GHSA-F989-C77F-R2CQ Crawl4AI: LLM credential exfiltration in Docker server via request base_url and env: token resolution

Summary The Docker API server let a request control where LLM calls were sent and which environment variable an LLM token resolved from. Both could be abused to exfiltrate server-held secrets. The Docker API is unauthenticated by default. Vector 1 - attacker baseurl /md, /llm, and /llm/job accept...

8.2CVSS5.6AI score0.00268EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/16 9:0 p.m.5 views

Server-side Request Forgery (SSRF)

Overview Crawl4AI is a 🚀🤖 Crawl4AI: Open-source LLM Friendly Web Crawler & scraper Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the baseurl parameter in API requests and the resolution of environment variables in the LLM configuration process. An attack...

8.8CVSS5.8AI score0.00268EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/12 6:28 p.m.17 views

Appsmith: Configuration-dependent origin validation bypass in password reset and email verification link generation

Summary A configuration-dependent origin validation bypass was identified in Appsmith’s password reset and email verification flows on current release. Both flows derive the email-link base URL from the request Origin header. The current validation only enforces a trusted base URL when...

5.5AI score
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/12 6:28 p.m.22 views

GHSA-J9GF-VW2F-9HRW Appsmith: Configuration-dependent origin validation bypass in password reset and email verification link generation

Summary A configuration-dependent origin validation bypass was identified in Appsmith’s password reset and email verification flows on current release. Both flows derive the email-link base URL from the request Origin header. The current validation only enforces a trusted base URL when...

8.1CVSS5.6AI score
Exploits0References3
Rows per page
Query Builder