Lucene search
K

1476 matches found

Cvelist
Cvelist
added 4 hours ago3 views

CVE-2026-61430 PraisonAI before 1.6.78 DNS Rebinding SSRF via web_crawl

PraisonAI before 1.6.78 contains a server-side request forgery vulnerability in the webcrawl tool that validates hostnames at check time but re-resolves them at connection time without IP pinning. Attackers can use DNS rebinding to bypass SSRF protection and retrieve internal HTTP response bodies...

8.5CVSS
Exploits0References2
EUVD
EUVD
added 4 hours ago3 views

EUVD-2026-44639

PraisonAI before 1.6.78 contains a server-side request forgery vulnerability in the webcrawl tool that validates hostnames at check time but re-resolves them at connection time without IP pinning. Attackers can use DNS rebinding to bypass SSRF protection and retrieve internal HTTP response bodies...

8.5CVSS6.1AI score
Exploits0References2
Nuclei
Nuclei
added 11 hours ago45 views

MindsDB -DNS Rebinding SSRF Protection Bypass

Detects DNS rebinding vulnerability that allows bypass of SSRF protection. The vulnerability exists in the URL validation mechanism where DNS resolution is performed without considering DNS rebinding attacks. id: CVE-2024-24759 info: name: MindsDB -DNS Rebinding SSRF Protection Bypass author: Lee...

9.3CVSS6.1AI score0.04936EPSS
Exploits1References2
NVD
NVD
added 4 days ago9 views

CVE-2026-61429

PraisonAI versions before 1.6.78 contain a server-side request forgery vulnerability in the Crawl4AI/Chromium backend that allows attackers to bypass SSRF validation by exploiting DNS rebinding and HTTP redirects. Attackers can craft URLs that resolve to internal services after the initial...

8.5CVSS0.00221EPSS
Exploits0References2
Cvelist
Cvelist
added 4 days ago34 views

CVE-2026-61429 PraisonAI before 1.6.78 SSRF via Crawl4AI Chromium backend

PraisonAI versions before 1.6.78 contain a server-side request forgery vulnerability in the Crawl4AI/Chromium backend that allows attackers to bypass SSRF validation by exploiting DNS rebinding and HTTP redirects. Attackers can craft URLs that resolve to internal services after the initial...

8.5CVSS0.00221EPSS
Exploits0References2
CVE
CVE
added 4 days ago24 views

CVE-2026-61429

CVE-2026-61429 affects PraisonAI before 1.6.78. A SSRF in the Crawl4AI/Chromium backend allows bypassing initial validation via DNS rebinding and HTTP redirects, enabling a headless browser to access internal services and read internal responses including sensitive canary values. The CVSS metrics...

8.5CVSS6.1AI score0.00221EPSS
Exploits0References2
NVD
NVD
added 5 days ago6 views

CVE-2026-55671

ZITADEL is an open source identity management platform. From 4.0.0-rc.1 through 4.15.1, ZITADEL's HTTP notification channels, OIDC BackChannel Logout, and SAML metadata URL fetches do not consistently validate user-defined URLs against protected denylist handling, allowing server-side requests to...

2.3CVSS0.00252EPSS
Exploits0References3
OSV
OSV
added 5 days ago5 views

CVE-2026-55671 ZITADEL: Server-Side Request Forgery (SSRF) and Denylist Bypass in Outgoing HTTP Components

ZITADEL is an open source identity management platform. From 4.0.0-rc.1 through 4.15.1, ZITADEL's HTTP notification channels, OIDC BackChannel Logout, and SAML metadata URL fetches do not consistently validate user-defined URLs against protected denylist handling, allowing server-side requests to...

2.3CVSS6.1AI score0.00252EPSS
Exploits0References5
Snyk
Snyk
added 5 days ago4 views

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview 9router is a 9Router CLI - Start and manage 9Router server Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition through the image process in open-sse/translator/concerns/image.js. An attacker can access internal-only HTTP services by...

7.4CVSS6.1AI score0.00154EPSS
Exploits0References2
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-56676 9router: Image prefetch DNS rebinding allows SSRF to internal services

9Router is an AI router & token saver. Prior to 0.5.2, 9router validates image URLs by resolving the host before fetching, but open-sse/translator/concerns/image.js performs the later server-side image fetch with a separate DNS resolution. An authenticated attacker with access to the LLM proxy ca...

7.4CVSS0.00154EPSS
Exploits0References3
CVE
CVE
added 5 days ago10 views

CVE-2026-56676

9router is affected by an image prefetch DNS rebinding vulnerability (CVE-2026-56676). Prior to v0.5.2, the application validates the image URL by DNS resolution but then performs a server-side fetch with a separate DNS lookup, enabling an authenticated attacker with access to the LLM proxy to tr...

7.4CVSS6.1AI score0.00154EPSS
Exploits0References3
OSV
OSV
added 5 days ago3 views

CVE-2026-56676 9router: Image prefetch DNS rebinding allows SSRF to internal services

9Router is an AI router & token saver. Prior to 0.5.2, 9router validates image URLs by resolving the host before fetching, but open-sse/translator/concerns/image.js performs the later server-side image fetch with a separate DNS resolution. An authenticated attacker with access to the LLM proxy ca...

7.4CVSS6.1AI score0.00154EPSS
Exploits0References5
NVD
NVD
added 5 days ago7 views

CVE-2026-60091

PraisonAI before 4.6.78 contains an unauthenticated server-side request forgery vulnerability in the Jobs API /api/v1/runs endpoint. The webhookurl parameter is validated at request time but re-resolved at connection time, allowing attackers to use DNS rebinding to reach internal services with a...

7.2CVSS0.0018EPSS
Exploits0References2
CVE
CVE
added 5 days ago5 views

CVE-2026-60091

PraisionAI before 4.6.78 is affected by an unauthenticated SSRF in the Jobs API /api/v1/runs. The webhook_url parameter is validated at request time but re-resolved at connection time, enabling DNS rebinding to reach internal services via a blind SSRF attack. CVSS metrics: CVSSv3.1 base score 7.2...

7.2CVSS6.1AI score0.0018EPSS
Exploits0References2
Cvelist
Cvelist
added 5 days ago28 views

CVE-2026-60091 PraisonAI before 4.6.78 Unauthenticated SSRF via webhook_url

PraisonAI before 4.6.78 contains an unauthenticated server-side request forgery vulnerability in the Jobs API /api/v1/runs endpoint. The webhookurl parameter is validated at request time but re-resolved at connection time, allowing attackers to use DNS rebinding to reach internal services with a...

7.2CVSS0.0018EPSS
Exploits0References2
OSV
OSV
added 5 days ago2 views

CVE-2026-60091 PraisonAI before 4.6.78 Unauthenticated SSRF via webhook_url

PraisonAI before 4.6.78 contains an unauthenticated server-side request forgery vulnerability in the Jobs API /api/v1/runs endpoint. The webhookurl parameter is validated at request time but re-resolved at connection time, allowing attackers to use DNS rebinding to reach internal services with a...

6.9CVSS6.1AI score0.0018EPSS
Exploits0References4
NVD
NVD
added 2026/07/07 9:17 p.m.6 views

CVE-2026-49471

Serena is a powerful MCP toolkit for coding that provides semantic retrieval and editing capabilities. Prior to v1.5.2, Serena's built-in web dashboard exposes an unauthenticated Flask API on a fixed, predictable port, with no authentication, no CSRF protection, and no Host header validation. A D...

8.3CVSS0.00237EPSS
Exploits0References3
CVE
CVE
added 2026/07/07 8:50 p.m.17 views

CVE-2026-49471

Serena exposes an unauthenticated Flask API on a fixed port prior to v1.5.2, with no authentication, CSRF protection, or Host header validation. A DNS rebinding attack can reach this API from any browser and write arbitrary content to the agent’s persistent memory store, which the agent may read ...

8.3CVSS6.7AI score0.00237EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/07 8:50 p.m.5 views

CVE-2026-49471

Serena is a powerful MCP toolkit for coding that provides semantic retrieval and editing capabilities. Prior to v1.5.2, Serena's built-in web dashboard exposes an unauthenticated Flask API on a fixed, predictable port, with no authentication, no CSRF protection, and no Host header validation. A D...

8.3CVSS6.7AI score0.00237EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.3 views

PT-2026-56242

Name of the Vulnerable Software and Affected Versions Serena versions prior to 1.5.2 Description The built-in web dashboard exposes an unauthenticated Flask API on a fixed, predictable port. This API lacks authentication, Cross-Site Request Forgery CSRF protection, and Host header validation. A D...

8.3CVSS6.7AI score0.00237EPSS
Exploits0References10
Rows per page
Query Builder