Lucene search
K

213 matches found

NVD
NVD
added 2026/05/13 6:16 p.m.19 views

CVE-2026-44578

Next.js is a React framework for building full-stack web applications. From 13.4.13 to before 15.5.16 and 16.2.5, self-hosted applications using the built-in Node.js server can be vulnerable to server-side request forgery through crafted WebSocket upgrade requests. An attacker can cause the serve...

8.6CVSS0.38696EPSS
Exploits9References5
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.11 views

PT-2026-39181

Andrew Nesbitt discovered that opam did not properly validate file destination paths in package install files. An attacker could use this issue to bypass sandbox protections and write files to arbitrary locations, possibly leading to arbitrary code execution...

7.3CVSS6.5AI score0.0018EPSS
Exploits0References3
OSV
OSV
added 2026/04/18 8:40 a.m.7 views

BIT-GRAFANA-2025-12141 Grafana Alerting Editors can edit destination of webhooks they did not create

In Grafana's alerting system, users with edit permissions for a contact point, specifically the permissions “alert.notifications:write” or “alert.notifications.receivers:test” that are granted as part of the fixed role "Contact Point Writer", which is part of the basic role Editor - can edit...

6.5CVSS5.7AI score0.00255EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/15 2:59 p.m.32 views

CVE-2025-12141 Grafana Alerting Editors can edit destination of webhooks they did not create

In Grafana's alerting system, users with edit permissions for a contact point, specifically the permissions “alert.notifications:write” or “alert.notifications.receivers:test” that are granted as part of the fixed role "Contact Point Writer", which is part of the basic role Editor - can edit...

5.3CVSS0.00255EPSS
Exploits0References1
NVD
NVD
added 2026/04/13 7:16 a.m.10 views

CVE-2026-5936

An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to initiate requests to arbitrary destinations. This behavior may be exploited to probe internal network services, access otherwise unreachable endpoints e.g., cloud metadata services, or bypass...

9.8CVSS0.00188EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/13 6:57 a.m.3 views

CVE-2026-5936

An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to initiate requests to arbitrary destinations. This behavior may be exploited to probe internal network services, access otherwise unreachable endpoints e.g., cloud metadata services, or bypass...

8.5CVSS5.8AI score0.00188EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/04/13 6:57 a.m.11 views

CVE-2026-5936

The CVE-2026-5936 entries describe a Server-Side Request Forgery (SSRF) in the Foxit PDF Services API, where an attacker can craft a URL to cause the server to initiate requests to arbitrary destinations. Affected component: Foxit PDF Services API (server-side URL handling). Reported impact inclu...

9.8CVSS5.8AI score0.00188EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.10 views

PT-2026-32283

An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to initiate requests to arbitrary destinations. This behavior may be exploited to probe internal network services, access otherwise unreachable endpoints e.g., cloud metadata services, or bypass...

8.5CVSS5.8AI score0.00188EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.6 views

Duplicate Advisory: OpenClaw: SSRF via Unguarded Configured Base URLs in Multiple Channel Extensions (Incomplete Fix for CVE-2026-28476)

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-rhfg-j8jq-7v2h. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.25 contains a server-side request forgery vulnerability in multiple channel extensions that fa...

5.7AI score
Exploits0References5Affected Software1
NVD
NVD
added 2026/04/09 10:16 p.m.8 views

CVE-2026-35629

OpenClaw before 2026.3.25 contains a server-side request forgery vulnerability in multiple channel extensions that fail to properly guard configured base URLs against SSRF attacks. Attackers can exploit unprotected fetch calls against configured endpoints to rebind requests to blocked internal...

7.4CVSS0.00244EPSS
Exploits0References3
CVE
CVE
added 2026/04/09 9:27 p.m.9 views

CVE-2026-35629

CVE-2026-35629 affects OpenClaw before version 2026.3.25. The issue is SSRF via unguarded configured base URLs in multiple channel extensions, where unprotected fetch() calls can rebinding requests to blocked internal destinations and access restricted resources. Impact per sources is limited to ...

7.4CVSS5.9AI score0.00244EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:27 p.m.2 views

CVE-2026-35629

OpenClaw before 2026.3.25 contains a server-side request forgery vulnerability in multiple channel extensions that fail to properly guard configured base URLs against SSRF attacks. Attackers can exploit unprotected fetch calls against configured endpoints to rebind requests to blocked internal...

7.4CVSS5.9AI score0.00244EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/09 9:27 p.m.22 views

CVE-2026-35629 OpenClaw < 2026.3.25 - Server-Side Request Forgery via Unguarded Configured Base URLs in Channel Extensions

OpenClaw before 2026.3.25 contains a server-side request forgery vulnerability in multiple channel extensions that fail to properly guard configured base URLs against SSRF attacks. Attackers can exploit unprotected fetch calls against configured endpoints to rebind requests to blocked internal...

7.4CVSS0.00244EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/09 9:18 p.m.26 views

CVE-2026-40114 PraisonAI has Server-Side Request Forgery via Unvalidated webhook_url in Jobs API

PraisonAI is a multi-agent teams system. Prior to 4.5.128, the /api/v1/runs endpoint accepts an arbitrary webhookurl in the request body with no URL validation. When a submitted job completes success or failure, the server makes an HTTP POST request to this URL using httpx.AsyncClient. An...

7.2CVSS0.0028EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/09 5:41 p.m.1 views

CVE-2026-40072

web3.py allows you to interact with the Ethereum blockchain using Python. From 6.0.0b3 to before 7.15.0 and 8.0.0b2, web3.py implements CCIP Read / OffchainLookup EIP-3668 by performing HTTP requests to URLs supplied by smart contracts in offchainlookuppayload"urls". The implementation uses these...

6.3CVSS6AI score0.00228EPSS
Exploits2References3Affected Software1
NVD
NVD
added 2026/04/01 11:15 a.m.7 views

CVE-2026-0932

Blind server-side request forgery SSRF vulnerability in legacy connection methods of document co-authoring features in M-Files Server before 26.3 allow an unauthenticated attacker to cause the server to send HTTP GET requests to arbitrary URLs...

7.3CVSS0.00195EPSS
Exploits0References2
OSV
OSV
added 2026/03/27 6:31 a.m.3 views

GHSA-MHRG-94VW-45C5 Spring AI: Insufficient Validation causes SSRF when processing multimodal messages with user-supplied URLs

Spring AI's spring-ai-bedrock-converse contains a Server-Side Request Forgery SSRF vulnerability in BedrockProxyChatModel when processing multimodal messages that include user-supplied media URLs. Insufficient validation of those URLs allows an attacker to induce the server to issue HTTP requests...

8.6CVSS5.9AI score0.00353EPSS
Exploits0References6
NVD
NVD
added 2026/03/26 9:17 p.m.3 views

CVE-2026-33619

PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab v0.8.3 contains a server-side request forgery issue in the optional scheduler's webhook delivery path. When a task is submitted to POST /tasks with a user-controlled callbackUrl, the v0.8.3...

5.5CVSS0.00249EPSS
Exploits1References3
OSV
OSV
added 2026/03/23 8:36 p.m.4 views

GHSA-JH46-85JR-6PH9 Connect CMS has SSRF in the External Page Migration Feature of its Page Management Plugin

Security Advisory — Page Management Plugin SSRF Summary A Server-Side Request Forgery SSRF issue exists in the external page migration feature of the Page Management Plugin. Affected Versions - 1.x series: = 1.41.0 - 2.x series: = 2.41.0 Patched Versions - 1.41.1 - 2.41.1 Description In the...

6.8CVSS5.8AI score0.00347EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/03/11 11:56 p.m.5 views

CVE-2026-3783

A flaw was found in curl. When an OAuth2 bearer token is used for an HTTPS transfer that redirects to a second URL, curl could unintentionally leak the token. This occurs if the second hostname has entries in the .netrc file, allowing the bearer token intended for the first host to be sent to the...

5.7CVSS5.7AI score0.00333EPSS
Exploits1References7
Rows per page
Query Builder