CVE-2026-7817 pgAdmin 4: Local file inclusion and server-side request forgery in LLM API configuration endpoints

Local file inclusion LFI and server-side request forgery SSRF vulnerabilities in pgAdmin 4 LLM API configuration endpoints. User-supplied apikeyfile and apiurl preferences were passed to the LLM provider clients without validation. An authenticated user could read arbitrary server-side files by...

CVE-2026-7817

Local file inclusion LFI and server-side request forgery SSRF vulnerabilities in pgAdmin 4 LLM API configuration endpoints. User-supplied apikeyfile and apiurl preferences were passed to the LLM provider clients without validation. An authenticated user could read arbitrary server-side files by...

GHSA-CHWH-F6GM-R836 Gotenberg: Server-Side Request Forgery via Chromium URL Endpoint with Redirect-Based Deny-List Bypass

A review of 4 published Gotenberg security advisories exposed an SSRF issue. GHSA-pjrr-jgp4-v2fm covers SSRF via the downloadFrom endpoint. GHSA-pcrp-7g9h-7qhp covers SSRF via the webhook endpoint. Neither advisory addresses SSRF through the primary Chromium URL-to-PDF conversion endpoint...

Gotenberg: Server-Side Request Forgery via Chromium URL Endpoint with Redirect-Based Deny-List Bypass

A review of 4 published Gotenberg security advisories exposed an SSRF issue. GHSA-pjrr-jgp4-v2fm covers SSRF via the downloadFrom endpoint. GHSA-pcrp-7g9h-7qhp covers SSRF via the webhook endpoint. Neither advisory addresses SSRF through the primary Chromium URL-to-PDF conversion endpoint...

Server-Side Request Forgery (SSRF)

Grav is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to unsafe processing of Twig templates with undefined PHP function registration enabled, which allows an attacker to trigger unauthorized server-side requests...

Unity Linux 20.1070e Security Update: batik (UTSA-2026-017788)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017788 advisory. Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the xlink:href attributes. By using a specially-crafted argument, a...

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.20 contained security vulnerabilities. These vulnerabilities stemmed from security bypasses in the proxy’s config.patch and config.apply endpoints, which failed to protect...

WWBN AVideo 跨站请求伪造漏洞

WWBN AVideo is a video platform building system written in PHP, developed by the WWBN team. Versions of WWBN AVideo prior to 29.0 contained a cross-site request forgeing vulnerability. This vulnerability stemmed from the lack of CSRF protection and MIME validation in the objects/userSavePhoto.php...

PT-2026-39689

OpenClaw before 2026.4.20 contains a server-side request forgery vulnerability in browser CDP profile creation that skips strict-mode SSRF policy checks. Attackers can create stored profiles pointing to private-network or metadata endpoints that bypass security policies and are later probed durin...

WWBN AVideo 代码问题漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 29.0 contained code vulnerabilities. These vulnerabilities stemmed from the use of isSSRFSafeURL, which only verified the initial URL. This could allow attackers to bypass SSRF...

PT-2026-39661

Name of the Vulnerable Software and Affected Versions Gotenberg versions prior to 8.32.0 Description Gotenberg is a Docker-powered stateless API for PDF files. The Chromium URL-to-PDF endpoint '/forms/chromium/convert/url' lacks default protection against Server-Side Request Forgery SSRF for HTTP...

pgAdmin 4 安全漏洞

pgAdmin 4 is an open-source management and development platform for PostgreSQL, developed by the pgAdmin Project. Versions of pgAdmin 4 prior to 9.15 contained security vulnerabilities. These vulnerabilities were caused by local file inclusion and server-side request forgeing, which could allow...

jshERP 代码问题漏洞

jshERP Huaxia ERP is a domestic ERP system developed by Jishan Hua. Versions of jshERP 3.6 and earlier had code vulnerabilities. These vulnerabilities stemmed from the operation of the getUserByWeixinCode function in the updatePlatformConfigByKey endpoint component, located in the...

Unity Linux 20.1070e Security Update: rubygem-rack (UTSA-2026-017803)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017803 advisory. A reliance on cookies without validation/integrity check security vulnerability exists in rack 2.2.3, rack 2.1.4 that makes it is possible for an attacker to forge a...

PT-2026-39649

Name of the Vulnerable Software and Affected Versions MLflow versions prior to 3.9.0 Description A Server-Side Request Forgery SSRF issue exists where the create webhook function in mlflow/server/handlers.py accepts a user-controlled url parameter without validation. Subsequently, the send webhoo...

Outline 跨站请求伪造漏洞

Outline is an open-source knowledge base developed by Outline. Versions prior to Outline 1.7.1 contained a cross-site request forgeing vulnerability. This vulnerability stemmed from the Slack integration callback accepting unsigned OAuth state values, which could allow third parties to link user...

CVE-2026-38566

HireFlow v1.2 does not implement CSRF token validation on any state-changing POST endpoint. All forms password change at /profile, candidate deletion at /candidates/delete/, feedback submission at /feedback/add/, interview scheduling at /interviews/add are vulnerable to CSRF. An attacker who can...

PT-2026-39893

Name of the Vulnerable Software and Affected Versions Local Deep Research versions prior to 1.6.0 Description The PDFService. markdown to html function constructs an HTML document by interpolating user-controlled values directly into an f-string without HTML escaping. Specifically, the title...

WWBN AVideo 代码问题漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to version 29 contain code vulnerabilities. These vulnerabilities stem from an unvalidated donation notification Webhook URL, which may allow attackers to access internal or cloud...

PT-2026-39904

Name of the Vulnerable Software and Affected Versions Budibase versions prior to 3.35.10 Description The Plugin URL upload endpoint "POST /api/plugin" contains a flaw in how it validates submitted URLs. It uses a simple substring check to verify if the url variable contains ".tar.gz", which can b...