Lucene search
+L

612 matches found

euvd
euvd
added yesterday5 views

EUVD-2026-44678

FastGPT is a knowledge-based AI application platform. Prior to 4.15.0-beta5, FastGPT's shared SSRF guard validates only the initial request URL before handing the request to axios, and axios follows redirects by default. An authenticated workflow user can configure an HTTP request node to call an...

6.3CVSS6.1AI score
Exploits0References2
cvelist
cvelist
added yesterday19 views

CVE-2026-61646 FastGPT: Shared axios SSRF guard validates only the initial URL before following redirects

FastGPT is a knowledge-based AI application platform. Prior to 4.15.0-beta5, FastGPT's shared SSRF guard validates only the initial request URL before handing the request to axios, and axios follows redirects by default. An authenticated workflow user can configure an HTTP request node to call an...

6.3CVSS
Exploits0References2
cve
cve
added yesterday20 views

CVE-2026-15583

Grafana MCP Server is affected by CVE-2026-15583, a confusion-deputy vulnerability that allows an unauthenticated remote attacker to exfiltrate the server’s Grafana service-account token and perform SSRF via a crafted X-Grafana-URL header. The flaw enables targeting internal services, including c...

8.6CVSS6.2AI score0.00312EPSS
Exploits0References1
cvelist
cvelist
added yesterday25 views

CVE-2026-15583 SSRF (confused deputy) in Grafana MCP Server via X-Grafana-URL header

A confused-deputy flaw in Grafana MCP Server allows an unauthenticated remote attacker to exfiltrate the server's environment-configured Grafana service-account token by supplying a crafted X-Grafana-URL request header. This also enables SSRF against arbitrary internal services, including cloud...

8.6CVSS0.00312EPSS
Exploits0References1
nuclei
nuclei
added yesterday16 views

MagicMirror <= 2.35.0 - Server-Side Request Forgery

An unauthenticated Server-Side Request Forgery SSRF vulnerability in the /cors endpoint allows any remote attacker to force the MagicMirror² server to perform arbitrary HTTP requests to internal networks, cloud metadata services, and localhost services. The endpoint also expands environment...

9.2CVSS6.2AI score0.01623EPSS
Exploits1References4
nvd
nvd
added 2 days ago4 views

CVE-2026-61520

Simple Machines Forum 2.1 prior to commit 4bf35cf and 3.0 prior to commit b4d23df contains a server-side request forgery vulnerability in the image proxy that allows authenticated attackers to trigger internal HTTP requests by embedding attacker-controlled URLs in BBCode image tags, which the pro...

7.7CVSS0.00251EPSS
Exploits0References3
nvd
nvd
added 2 days ago3 views

CVE-2026-14646

Nexus Repository 3 did not apply its existing Server-Side Request Forgery SSRF protections to HTTP redirect targets returned by proxy repository upstream servers. Any user with read access to a proxy repository backed by an attacker-controlled or compromised upstream server — including an anonymo...

4.9CVSS0.00265EPSS
Exploits0References2
euvd
euvd
added 2 days ago5 views

EUVD-2026-43555

CrewAI before 1.15.1 contains a server-side request forgery vulnerability in the validateurl function that performs one-shot DNS resolution and blocklist checks before returning the original URL unchanged. Attackers can bypass the security filter by supplying URLs that redirect to internal...

8.3CVSS6.1AI score0.00287EPSS
Exploits1References6
ptsecurity
ptsecurity
added 2 days ago5 views

PT-2026-60102

Name of the Vulnerable Software and Affected Versions Anyquery affected versions not specified Description When operating in server mode, the software does not restrict outbound HTTP requests initiated by built-in SQLite virtual table modules, such as json reader and log reader. Unauthenticated...

8.6CVSS6.1AI score
Exploits0References5
cvelist
cvelist
added 3 days ago30 views

CVE-2026-62240 CrewAI < 1.15.1 SSRF Filter Bypass via HTTP Redirect in Scrape Tools

CrewAI before 1.15.1 contains a server-side request forgery vulnerability in the validateurl function that performs one-shot DNS resolution and blocklist checks before returning the original URL unchanged. Attackers can bypass the security filter by supplying URLs that redirect to internal...

8.3CVSS0.00287EPSS
Exploits1References5
osv
osv
added 3 days ago2 views

CVE-2026-62240 CrewAI < 1.15.1 SSRF Filter Bypass via HTTP Redirect in Scrape Tools

CrewAI before 1.15.1 contains a server-side request forgery vulnerability in the validateurl function that performs one-shot DNS resolution and blocklist checks before returning the original URL unchanged. Attackers can bypass the security filter by supplying URLs that redirect to internal...

8.3CVSS6.1AI score0.00287EPSS
Exploits1References8
nvd
nvd
added 3 days ago4 views

CVE-2026-49876

Authenticated SSRF in Gravitino JobManager allows server-side HTTP requests to internal network and cloud metadata endpoints via unvalidated job template URIs. A vulnerability in Apache Gravitino. This issue affects Apache Gravitino: from 1.0.0 through 1.2.1. Users are recommended to upgrade to...

6.5CVSS0.00502EPSS
Exploits0References2
cvelist
cvelist
added 3 days ago30 views

CVE-2026-49876 Apache Gravitino: Authenticated SSRF in Gravitino JobManager allows server-side HTTP requests to internal network and cloud metadata endpoints via unvalidated job template URIs

Authenticated SSRF in Gravitino JobManager allows server-side HTTP requests to internal network and cloud metadata endpoints via unvalidated job template URIs. A vulnerability in Apache Gravitino. This issue affects Apache Gravitino: from 1.0.0 through 1.2.1. Users are recommended to upgrade to...

0.00502EPSS
Exploits0References1
cve
cve
added 3 days ago10 views

CVE-2026-49876

CVE-2026-49876 describes an authenticated SSRF in the Gravitino JobManager. The issue allows server-side HTTP requests to internal networks and cloud metadata endpoints via unvalidated job template URIs. Affected software: Apache Gravitino 1.0.0 through 1.2.1. Impact is tied to the ability to rea...

6.5CVSS6.1AI score0.00502EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 3 days ago5 views

PT-2026-57904

Name of the Vulnerable Software and Affected Versions CrewAI versions prior to 1.15.1 Description A server-side request forgery SSRF issue exists in the validate url function. The function performs one-shot DNS resolution and blocklist checks but returns the original URL unchanged. This allows...

8.3CVSS6.1AI score0.00287EPSS
Exploits1References7
osv
osv
added 6 days ago2 views

PYSEC-2026-3443

Crawl4AI before 0.8.7 contains a server-side request forgery SSRF vulnerability in the Docker API server's /crawl/job and /llm/job endpoints, which accept webhook URLs without destination validation. An attacker can supply webhook URLs pointing to private or internal IP ranges, Docker networks, o...

7.5CVSS6.1AI score0.00421EPSS
Exploits0References3
osv
osv
added 6 days ago2 views

CVE-2026-56261 Crawl4AI - Server-Side Request Forgery via Webhook URLs

Crawl4AI before 0.8.7 contains a server-side request forgery SSRF vulnerability in the Docker API server's /crawl/job and /llm/job endpoints, which accept webhook URLs without destination validation. An attacker can supply webhook URLs pointing to private or internal IP ranges, Docker networks, o...

9.2CVSS6.1AI score0.00421EPSS
Exploits0References5
cvelist
cvelist
added 6 days ago32 views

CVE-2026-56261 Crawl4AI - Server-Side Request Forgery via Webhook URLs

Crawl4AI before 0.8.7 contains a server-side request forgery SSRF vulnerability in the Docker API server's /crawl/job and /llm/job endpoints, which accept webhook URLs without destination validation. An attacker can supply webhook URLs pointing to private or internal IP ranges, Docker networks, o...

9.2CVSS0.00371EPSS
Exploits0References3
cve
cve
added 6 days ago31 views

CVE-2026-15378

The CVE-2026-15378 entry concerns the guardrails-detectors component where a flaw allows remote attackers to perform a blind Server-Side Request Forgery (SSRF) by submitting a crafted XML Schema Definition string. This can lead to unauthorized access to sensitive information (e.g., credentials fr...

9.3CVSS6.1AI score0.00424EPSS
Exploits0References2
cvelist
cvelist
added 6 days ago33 views

CVE-2026-15378 Guardrails-detectors: guardrails-detectors: ssrf and local file read via user-supplied xml schema (xml-with-schema:)

A flaw was found in the guardrails-detectors component. This vulnerability allows a remote attacker to perform a blind Server-Side Request Forgery SSRF by submitting a specially crafted XML Schema Definition XSD string. This can lead to unauthorized access to sensitive information, including...

9.3CVSS0.00424EPSS
Exploits0References2
Rows per page
Query Builder