2 matches found
CVE-2026-0560
creationtimestamp| type| source ---|---|--- 2026-03-29 18:35:02+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mi7ryzibeh2n 2026-03-29 18:38:44+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mi7s7mjdba2x 2026-03-29 19:15:55+00:00|...
CVE-2026-0560 Server-Side Request Forgery (SSRF) in parisneo/lollms
A Server-Side Request Forgery SSRF vulnerability exists in parisneo/lollms versions prior to 2.2.0, specifically in the /api/files/export-content endpoint. The downloadimagetotemp function in backend/routers/files.py fails to validate user-controlled URLs, allowing attackers to make arbitrary HTT...