Lucene search
K

89709 matches found

Vulnrichment
Vulnrichment
added 2026/05/08 9:51 p.m.7 views

CVE-2026-42286 Emlog: Cross-Site Request Forgery in Admin Functions

Emlog is an open source website building system. Prior to version 2.6.11, missing CSRF protection in critical admin functions allows attackers to trick authenticated administrators into performing unauthorized actions like system registration, plugin management, and configuration changes. This...

8.4CVSS5.7AI score0.00165EPSS
Exploits0References1
CVE
CVE
added 2026/05/08 9:12 p.m.12 views

CVE-2026-42193

Plunk (open-source email platform built on AWS SES) fixes a prior vulnerability: before v0.9.0, /webhooks/sns accepted unauthenticated SNS payloads without signature/cert/topic ARN verification, enabling forged webhook requests. Attackers could spoof SNS events to trigger automations, unsubscribe...

9.1CVSS5.7AI score0.00127EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/08 9:12 p.m.8 views

EUVD-2026-28832

Plunk is an open-source email platform built on top of AWS SES. Prior to version 0.9.0, the /webhooks/sns endpoint accepts Amazon SNS notification payloads from unauthenticated requests without verifying the SNS signature, certificate, or topic ARN, meaning anyone can forge a valid-looking webhoo...

9.1CVSS5.7AI score0.00127EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/08 9:12 p.m.31 views

CVE-2026-42193 Plunk: SNS webhook forgery

Plunk is an open-source email platform built on top of AWS SES. Prior to version 0.9.0, the /webhooks/sns endpoint accepts Amazon SNS notification payloads from unauthenticated requests without verifying the SNS signature, certificate, or topic ARN, meaning anyone can forge a valid-looking webhoo...

9.1CVSS0.00127EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/08 9:12 p.m.9 views

CVE-2026-42193 Plunk: SNS webhook forgery

Plunk is an open-source email platform built on top of AWS SES. Prior to version 0.9.0, the /webhooks/sns endpoint accepts Amazon SNS notification payloads from unauthenticated requests without verifying the SNS signature, certificate, or topic ARN, meaning anyone can forge a valid-looking webhoo...

9.1CVSS5.7AI score0.00127EPSS
Exploits0References2
NVD
NVD
added 2026/05/08 8:16 p.m.19 views

CVE-2026-44694

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. From version 2.18.7 to before version 2.50.2, there is an authenticated server-side request forgery vulnerability affecting the webhook trigger tools, the n8n API client N8NAPIURL, a...

9.1CVSS0.00235EPSS
Exploits0References3
CVE
CVE
added 2026/05/08 7:35 p.m.16 views

CVE-2026-42190

RedwoodSDK (rwsdk) server actions from version 1.0.0-beta.50 up to, but not including, 1.2.3, did not validate the Origin header, enabling same-site CSRF with the victim’s session cookie. The issue is fixed in version 1.2.3. Affected component: server actions (serverAction, RSC protocol); impact:...

5.3CVSS5.8AI score0.00111EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/08 7:29 p.m.9 views

CVE-2026-42180 Lemmy: SSRF in /api/v3/post via Webmention dispatch

Lemmy is a link aggregator and forum for the fediverse. Prior to version 0.19.18, Lemmy allows an authenticated low-privileged user to create a link post through POST /api/v3/post. When a post is created in a public community, the backend asynchronously sends a Webmention to the attacker-controll...

6.3CVSS5.8AI score0.00184EPSS
Exploits0References2
CVE
CVE
added 2026/05/08 7:29 p.m.13 views

CVE-2026-42180

Lemmy prior to version 0.19.18 is affected by a server-side request forgery: an authenticated low-privilege user can create a link post via POST /api/v3/post, and when posted to public communities Lemmy dispatches a Webmention to the target. The code path only validates the URL’s syntax/scheme (h...

6.3CVSS5.8AI score0.00184EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/08 7:26 p.m.5 views

CVE-2026-42181 Lemmy: SSRF and internal image disclosure in post link metadata via unvalidated og:image

Lemmy is a link aggregator and forum for the fediverse. Prior to version 0.19.18, Lemmy fetches metadata for user-supplied post URLs and, under the default StoreLinkPreviews image mode, downloads the preview image through local pict-rs. While the top-level page URL is checked against internal IP...

6.5CVSS5.7AI score0.00209EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/08 7:16 p.m.7 views

CVE-2026-42176

Scoold is a Q&A and a knowledge sharing platform for teams. Prior to version 1.67.0, Scoold allows the admins configuration value to be modified through /api/config/set/admins with a forged Bearer token that is accepted as an admin API token. Once that setting is changed, the target email address...

6.7CVSS5.7AI score0.00247EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/05/08 7:12 p.m.21 views

CVE-2026-44694

CVE-2026-44694 affects n8n-MCP before 2.50.2. An authenticated SSRF vulnerability exists in the webhook trigger tools, the n8n API client (N8N_API_URL), and per-request URLs via the x-n8n-url header in multi-tenant HTTP mode. Exploitation allows a valid MCP session to cause the host to send HTTP ...

9.1CVSS5.8AI score0.00235EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/08 7:12 p.m.36 views

CVE-2026-44694 n8n-MCP: Authenticated SSRF in n8n-mcp webhook and API client paths

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. From version 2.18.7 to before version 2.50.2, there is an authenticated server-side request forgery vulnerability affecting the webhook trigger tools, the n8n API client N8NAPIURL, a...

7.2CVSS0.00235EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/08 7:12 p.m.5 views

CVE-2026-44694

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. From version 2.18.7 to before version 2.50.2, there is an authenticated server-side request forgery vulnerability affecting the webhook trigger tools, the n8n API client N8NAPIURL, a...

7.2CVSS5.8AI score0.00235EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/08 7:12 p.m.5 views

CVE-2026-44694 n8n-MCP: Authenticated SSRF in n8n-mcp webhook and API client paths

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. From version 2.18.7 to before version 2.50.2, there is an authenticated server-side request forgery vulnerability affecting the webhook trigger tools, the n8n API client N8NAPIURL, a...

7.2CVSS5.8AI score0.00235EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/08 7:9 p.m.12 views

Server-side Request Forgery (SSRF)

Overview bugsink is a Self-hosted Error Tracking Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the validatewebhookurl process. An attacker can cause the application to send outbound HTTP POST requests to unintended hosts, including internal or...

5.3CVSS5.8AI score0.00286EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/08 5:22 p.m.107 views

Exploit for Server-Side Request Forgery in Espocrm

CVE-2026-33534 - EspoCRM 9.3.3 Authenticated SSRF Authenticat...

4.3CVSS5.8AI score0.01978EPSS
Exploits5
OSV
OSV
added 2026/05/08 5:20 p.m.7 views

GHSA-R48C-V28R-PF6V MCP Registry has an unauthenticated SSRF: HTTP namespace verification dials 6to4 / NAT64 / site-local IPv6 addresses, bypassing private-address allowlist

Summary The Registry's HTTP-based namespace verification POST /v0/auth/http, POST /v0.1/auth/http uses safeDialContext internal/api/handlers/v0/auth/http.go:67-110 to refuse dialling private/internal addresses when fetching the well-known public-key file from a publisher-supplied domain. The...

6.3CVSS5.9AI score0.00285EPSS
Exploits1References6
NVD
NVD
added 2026/05/08 5:16 p.m.21 views

CVE-2026-41887

Flarum is open-source forum software. Prior to versions 1.8.16 and 2.0.0-rc.1, Flarum's patch for CVE-2023-27577 restricted the @import and data-uri LESS features in the customless setting, but the same restriction was never applied to other settings registered as LESS config variables for exampl...

4.9CVSS0.00404EPSS
Exploits0References4
Snyk
Snyk
added 2026/05/08 5:6 p.m.6 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF due to the improper validation of the audience parameter in the OIDC authentication process. An attacker can gain unauthorized publish permissions by replaying a valid GitHub OIDC token obtained from one...

4.7CVSS5.5AI score0.00219EPSS
Exploits0References2
Rows per page
Query Builder