24 matches found
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via the download_image endpoint. An attacker can access and download image files belonging to any flow by knowing or guessing the flow ID and file name. Remediation There is no fixed version for langflow-base...
CVE-2026-5022 Langflow - Missing Authorization on download_image Endpoint
The '/api/v1/files/images/flow_id/file_name' endpoint does not enforce any authentication or authorization checks, allowing any unauthenticated user to download images belonging to any flow by knowing or guessing the flow ID and file name...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the DownloadImage function when processing user avatar URLs from OpenID Connect authentication. An attacker can cause the server to make arbitrary HTTP requests to internal or cloud metadata endpoint...
CVE-2026-33679
Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.1, the DownloadImage function in pkg/utils/avatar.go uses a bare http.Client with no SSRF protection when downloading user avatar images from the OpenID Connect picture claim URL. An attacker who controls their...
Vikunja Code Issue Vulnerability
Vikunja is an open-source to-do application developed by Vikunja developers. Versions of Vikunja prior to 2.2.1 had code vulnerabilities. These vulnerabilities stemmed from a lack of SSRF protection in the DownloadImage function, which could lead to server-side request forgery attacks...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via the download_image endpoint, which allows unauthenticated access to image files by accepting flow_id and file_name as path parameters without verifying user authentication or ownership. An attacker can access...
CVE-2026-2985
A security flaw has been discovered in Tiandy Video Surveillance System 视频监控平台 7.17.0. This impacts the function downloadImage of the file /com/tiandy/easy7/core/bo/CLSBODownLoad.java. Performing a manipulation of the argument urlPath results in server-side request forgery. The attack is possible...
CVE-2026-2985
CVE-2026-2985 affects Tiandy Video Surveillance System 7.17.0. The flaw resides in the downloadImage function of /com/tiandy/easy7/core/bo/CLSBODownLoad.java, where manipulating the urlPath argument enables server-side request forgery. The vulnerability can be exploited remotely, with public expl...
PT-2026-21514
A security flaw has been discovered in Tiandy Video Surveillance System 视频监控平台 7.17.0. This impacts the function downloadImage of the file /com/tiandy/easy7/core/bo/CLSBODownLoad.java. Performing a manipulation of the argument urlPath results in server-side request forgery. The attack is possible...
CVE-2025-14438
The Xagio SEO – AI Powered SEO plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.1.0.30 via the 'pixabayDownloadImage' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests...
CVE-2025-14438 Xagio SEO <= 7.1.0.30 - Authenticated (Subscriber+) Server-Side Request Forgery
The Xagio SEO – AI Powered SEO plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.1.0.30 via the 'pixabayDownloadImage' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests...
CVE-2025-14438
CVE-2025-14438 affects Xagio SEO – AI Powered SEO (WordPress). The vulnerability is a Server-Side Request Forgery (SSRF) via the pixabayDownloadImage function, exploitable from authenticated users with Subscriber-level access and above, across all versions up to 7.1.0.30. Successful exploitation ...
Linux Distros Unpatched Vulnerability : CVE-2025-37990
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage The function brcmf_usb_dl_writeimage calls the function brcmf_usb_dl_cmd but does not check its...
VulnCheck KEV: CVE-2025-34045
A path traversal vulnerability exists in WeiPHP 5.0, an open source WeChat public account platform development framework by Shenzhen Yuanmengyun Technology Co., Ltd. The flaw occurs in the picUrl parameter of the /public/index.php/material/Material/downloadimgage endpoint, where insufficient inpu...
CVE-2022-46493
Default version of nbnbk was discovered to contain an arbitrary file upload vulnerability via the component /api/User/downloadimg...
WordPress Download ImageMagick Sharpen Resized Images plugin <= 1.1.7 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by Cronus Patchstack Alliance in WordPress Theme ImageMagick Sharpen Resized Images versions <= 1.1.7...
SUSE CVE-2013-4428
OpenStack Image Registry and Delivery Service (Glance) Folsom, Grizzly before 2013.1.4, and Havana before 2013.2, when the download_image policy is configured, does not properly restrict access to cached images, which allows remote authenticated users to read otherwise restricted images via an image...
CVE-2020-25466
An SSRF vulnerability exists in the downloadimage interface of CRMEB 3.0, which can remotely download arbitrary files on the server and remotely execute arbitrary code...