211 matches found
CVE-2026-42398
Kibana is affected by SSRF (CWE-918) where authenticated users with connector-management privileges can bypass the operator-configured allowlist by configuring a Webhook connector to target destinations. The issue allows outbound requests to blocked destinations as per egress controls. Affected v...
CVE-2026-42398 Server-Side Request Forgery (SSRF) in Kibana Leading to Unauthorized Network Access
Server-Side Request Forgery CWE-918 in Kibana allows authenticated users with connector management privileges to bypass the operator-configured connection allowlist. By configuring a Webhook connector with a crafted target, an attacker can cause Kibana to issue outbound requests to destinations...
CVE-2026-9813
FlowIntel up to version 3.3.0 contains a server-side request forgery SSRF vulnerability in the external reference URL probe functionality in app/case/task.py. An attacker who can submit an external reference URL can cause the application server to issue an HTTP HEAD request to an attacker-specifi...
Elastic Kibana 安全漏洞
Elastic Kibana is a data visualization dashboard software provided by the Elastic company. There is a security vulnerability in Elastic Kibana, which stems from server-side request forgeing. This vulnerability could allow authenticated users with connector management privileges to bypass the...
CVE-2026-48128
Budibase prior to 3.39.0 is vulnerable to SSRF via the executeQuery automation step. The executeQuery step accepts a queryId from automation inputs and forwards it to the query execution controller without additional validation. When a REST datasource targets internal infrastructure, this can cau...
EUVD-2026-32212
A flaw was found in Keycloak, an open-source identity and access management solution. When a client application is configured to accept broad redirect Uniform Resource Identifiers URIs, a remote attacker can manipulate the authentication process by crafting a special web address. If a user clicks...
CVE-2026-48845
In Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16 and 1.7.x before 1.7.1, remote image blocking was not honored for URLs pointing to local/private destinations, which may lead to information disclosure or privilege escalation via a text/html email message...
CVE-2026-48845
In Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16 and 1.7.x before 1.7.1, remote image blocking was not honored for URLs pointing to local/private destinations, which may lead to information disclosure or privilege escalation via a text/html email message...
EUVD-2026-31720
In Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16 and 1.7.x before 1.7.1, remote image blocking was not honored for URLs pointing to local/private destinations, which may lead to information disclosure or privilege escalation via a text/html email message...
CVE-2026-48845
In Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16 and 1.7.x before 1.7.1, remote image blocking was not honored for URLs pointing to local/private destinations, which may lead to information disclosure or privilege escalation via a text/html email message...
CVE-2026-48845
CVE-2026-48845 affects Roundcube Webmail 1.6.x (1.6.14–1.6.16) and 1.7.x before 1.7.1. The issue: remote image blocking is not honored for URLs to local/private destinations in text/html emails, enabling potential information disclosure or privilege escalation. Impact is described as information ...
PT-2026-43108
Name of the Vulnerable Software and Affected Versions Roundcube Webmail versions 1.6.14 through 1.6.16 Roundcube Webmail versions prior to 1.7.1 Description Remote image blocking is not honored for URLs pointing to local or private destinations. This issue can be triggered via a text/html email...
Unity Linux 20.1060e / 20.1070e Security Update: usbredir (UTSA-2026-016614)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016614 advisory. A use-after-free vulnerability was found in usbredir in versions prior to 0.11.0 in the usbredirparserserialize in usbredirparser/usbredirparser.c. This issue occurs...
Malicious code in zest-product (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9081ad708b658c1bd56299e401ca6a764cc9137d99573bc922d38a7381cc30d On npm install, postinstall.js collects host identity and environment data os.hostname, username, process.cwd, process.env values, plus shelled-out...
CVE-2026-6394
The Nexa Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Server-Side Request Forgery SSRF in versions up to and including 1.1.1. This is due to the importdemo function accepting a user-supplied URL in the demojsonfile POST parameter and...
CVE-2026-41195
mosparo is the modern solution to protect your online forms from spam. Prior to 1.4.13, the automatic rule package source URL feature allows a project member with the editor role to store an attacker-controlled URL that the server later fetches. Because the server follows http/https redirects and...
CVE-2026-44258
efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the elfindercheckRisk function validates target and targets for path traversal and home containment, but does not validate the dst destination parameter used by elfinderpaste. An attacker can copy or move files from within the home...
Linux Distros Unpatched Vulnerability : CVE-2026-43901
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wireshark MCP is an MCP Server that turns tshark into a structured analysis interface, then layers in optional Wireshark suite utilities. In 1.1.5 and earlier,...
CVE-2026-44578
Next.js is a React framework for building full-stack web applications. From 13.4.13 to before 15.5.16 and 16.2.5, self-hosted applications using the built-in Node.js server can be vulnerable to server-side request forgery through crafted WebSocket upgrade requests. An attacker can cause the serve...
PT-2026-39181
Andrew Nesbitt discovered that opam did not properly validate file destination paths in package install files. An attacker could use this issue to bypass sandbox protections and write files to arbitrary locations, possibly leading to arbitrary code execution...