89729 matches found

Source: CNNVD
Added: 2026/05/08 12:00 a.m. (14 views)

Flarum path traversal vulnerability

Flarum is open-source forum software developed by Flarum for building communities. Versions of Flarum prior to 1.8.16 and 2.0.0-rc.1 contained a path traversal vulnerability. This vulnerability stemmed from the lack of restrictions on the values of LESS configuration variables, which could lea...

CVSS: 4.9 | AI score: 5.9 | EPSS: 0.00404
Exploits: 0 | References: 1

Source: CNNVD
Added: 2026/05/08 12:00 a.m. (11 views)

Lemmy code issue vulnerability

Lemmy is open-source software developed by Lemmy for building social news aggregators and web forums. Versions of Lemmy prior to 0.19.18 had code vulnerabilities. These vulnerabilities stemmed from the og:image URL being extracted without being restricted by the internal IP range, which could lea...

CVSS: 6.5 | AI score: 5.9 | EPSS: 0.00209
Exploits: 0 | References: 1

Source: Positive Technologies
Added: 2026/05/08 12:00 a.m. (12 views)

PT-2026-38645

Name of the Vulnerable Software and Affected Versions: PromptHub versions 0.4.9 through 0.5.3
Description: An authenticated endpoint "/api/skills/fetch-remote" fetches a user-supplied URL server-side and reflects the response body back to the caller. The Server-Side Request Forgery (SSRF) protection ...

CVSS: 7.1 | AI score: 5.8 | EPSS: 0.00237
Exploits: 1 | References: 8

Source: CNNVD
Added: 2026/05/08 12:00 a.m. (9 views)

Lemmy code issue vulnerability

Lemmy is open-source software developed by Lemmy, used for building social news aggregators and web forums. Versions of Lemmy prior to 0.19.18 had code vulnerabilities. These vulnerabilities stemmed from the lack of mechanisms to reject loops, private links, or link-local targets when creating li...

CVSS: 6.3 | AI score: 5.9 | EPSS: 0.00184
Exploits: 0 | References: 2

Source: Positive Technologies
Added: 2026/05/08 12:00 a.m. (15 views)

PT-2026-39189

Name of the Vulnerable Software and Affected Versions: n8n-MCP versions 2.18.7 through 2.50.1
Description: An authenticated server-side request forgery (SSRF) issue exists affecting the webhook trigger tools, the n8n API client (N8N API URL), and per-request URLs provided via the x-n8n-url header in...

CVSS: 9.1 | AI score: 5.8 | EPSS: 0.00235
Exploits: 0 | References: 11

Source: CNNVD
Added: 2026/05/08 12:00 a.m. (10 views)

PraisonAI code issue vulnerability

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 1.6.32 contained code vulnerabilities. These vulnerabilities stemmed from logical flaws in the URL checking logic, which could allow attackers to bypass the checks and execute...

CVSS: 9.8 | AI score: 6 | EPSS: 0.00378
Exploits: 1 | References: 1

Source: CNNVD
Added: 2026/05/08 12:00 a.m. (12 views)

Gitroom Postiz code issue vulnerability

Gitroom Postiz is an open-source social media scheduling tool developed by Gitroom. Versions of Gitroom Postiz from 2.16.6 to 2.21.7 contained code vulnerabilities. These vulnerabilities were caused by a TOCTOU vulnerability in the SSRF protection mechanism, which could allow attackers to redirec...

CVSS: 6.5 | AI score: 5.9 | EPSS: 0.00224
Exploits: 0 | References: 1

Source: Positive Technologies
Added: 2026/05/08 12:00 a.m. (14 views)

PT-2026-39202

Name of the Vulnerable Software and Affected Versions: Emlog versions prior to 2.6.11
Description: Missing Cross-Site Request Forgery (CSRF) protection in critical admin functions allows attackers to trick authenticated administrators into performing unauthorized actions. These actions include system...

CVSS: 8.4 | AI score: 5.8 | EPSS: 0.00165
Exploits: 0 | References: 5

Source: Tenable Nessus
Added: 2026/05/08 12:00 a.m. (6 views)

IBM MQ 9.1 < 9.1.0.36 LTS / 9.2 < 9.2.0.42 LTS / 9.3 < 9.3.0.40 LTS / 9.3 < 9.4.5.1 CD / 9.4 < 9.4.0.21 LTS / 9.4.5.1 (7271941)

The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7271941 advisory. - IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3: IBM WebSphere Application Server Liberty is vulnerable to server-side request forgery (SSRF). This may...

CVSS: 5.4 | AI score: 7.3 | EPSS: 0.00284
Exploits: 0 | References: 2

Source: Tenable Nessus
Added: 2026/05/08 12:00 a.m. (13 views)

Node.js Module axios < 1.15.1 Multiple Vulnerabilities

The version of the axios Node.js module installed on the remote host is prior to 1.15.1. It is, therefore, affected by multiple vulnerabilities: - Prototype pollution gadgets in axios allow response tampering, data exfiltration, and request hijacking (CVE-2026-42033). - Axios' HTTP adapter-streamed...

CVSS: 10 | AI score: 6.6 | EPSS: 0.01186
Exploits: 8 | References: 14

Source: Snyk
Added: 2026/05/07 10:32 p.m. (11 views)

Server-side Request Forgery (SSRF)

Overview: utcp-http is a UTCP communication protocol plugin for HTTP, SSE, and streamable HTTP, plus an OpenAPI converter. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the calltool and calltoolstreaming functions when attacker-controlled URLs from OpenA...

CVSS: 4.7 | AI score: 5.8 | EPSS: 0.00168
Exploits: 0 | References: 2

Source: OSV
Added: 2026/05/07 10:32 p.m. (5 views)

GHSA-39J6-4867-GG4W utcp-http vulnerable to SSRF via attacker-controlled OpenAPI servers[0].url in HTTP communication protocol

Summary: The utcp-http plugin is vulnerable to a blind Server-Side Request Forgery (SSRF) caused by a trust-boundary inconsistency between manual discovery and tool invocation. registermanual validates the discovery URL against an HTTPS / loopback allowlist, but calltool and calltoolstreaming reuse...

CVSS: 4.7 | AI score: 5.9 | EPSS: 0.00168
Exploits: 0 | References: 3

Source: Github Security Blog
Added: 2026/05/07 10:32 p.m. (13 views)

utcp-http vulnerable to SSRF via attacker-controlled OpenAPI servers[0].url in HTTP communication protocol

Summary: The utcp-http plugin is vulnerable to a blind Server-Side Request Forgery (SSRF) caused by a trust-boundary inconsistency between manual discovery and tool invocation. registermanual validates the discovery URL against an HTTPS / loopback allowlist, but calltool and calltoolstreaming reuse...

CVSS: 4.7 | AI score: 5.9 | EPSS: 0.00168
Exploits: 0 | References: 3 | Affected Software: 1

Source: NVD
Added: 2026/05/07 10:16 p.m. (46 views)

CVE-2026-8034

A server-side request forgery (SSRF) vulnerability was identified in the GitHub Enterprise Server notebook viewer that allowed an attacker to access internal services by exploiting URL parser confusion between the validation layer and the HTTP request library. The hostname validation used a differe...

CVSS: 9.8 | EPSS: 0.00377
Exploits: 0 | References: 5

Source: NVD
Added: 2026/05/07 10:16 p.m. (27 views)

CVE-2026-41105

Server-side request forgery (SSRF) in Azure Notification Service allows an authorized attacker to elevate privileges over a network...

CVSS: 8.1 | EPSS: 0.00827
Exploits: 0 | References: 1

Source: OSV
Added: 2026/05/07 9:28 p.m. (4 views)

GHSA-8MC6-XJPR-H98X Ech0 has Server-Side Request Forgery (SSRF) via Connect Handler fetchPeerConnectInfo

Summary: The fetchPeerConnectInfo function in internal/service/connect/connect.go:214-239 uses httpUtil.SendRequest (no SSRF protection) instead of SendSafeRequest (which has ValidatePublicHTTPURL with private IP blocking). This allows authenticated users to make the server request arbitrary URLs...

CVSS: 7.7 | AI score: 5.9
Exploits: 0 | References: 3

Source: Snyk
Added: 2026/05/07 9:28 p.m. (8 views)

Server-side Request Forgery (SSRF)

Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the fetchPeerConnectInfo function. An attacker can access sensitive internal resources by supplying crafted URLs to the server, which are then requested on behalf of the authenticated user. Remediati...

CVSS: 7.7 | AI score: 5.5
Exploits: 0 | References: 2

Source: Github Security Blog
Added: 2026/05/07 9:28 p.m. (9 views)

Ech0 has Server-Side Request Forgery (SSRF) via Connect Handler fetchPeerConnectInfo

Summary: The fetchPeerConnectInfo function in internal/service/connect/connect.go:214-239 uses httpUtil.SendRequest (no SSRF protection) instead of SendSafeRequest (which has ValidatePublicHTTPURL with private IP blocking). This allows authenticated users to make the server request arbitrary URLs...

AI score: 5.9
Exploits: 0 | References: 3 | Affected Software: 1

Source: OSV
Added: 2026/05/07 9:21 p.m. (4 views)

GHSA-RGJ7-VG8V-J4WR Ech0's Unauthenticated Like Endpoint Enables Arbitrary Engagement Metric Inflation

Summary: No authentication is required to invoke PUT /api/echo/like/:id. The handler is registered on the public router group. The service increments favcount for the given echo without checking identity, without a per-user limit, and without CSRF tokens. A remote client can arbitrarily inflate li...

CVSS: 5.3 | AI score: 5.9
Exploits: 0 | References: 3

Source: Github Security Blog
Added: 2026/05/07 9:21 p.m. (13 views)

Ech0's Unauthenticated Like Endpoint Enables Arbitrary Engagement Metric Inflation

Summary: No authentication is required to invoke PUT /api/echo/like/:id. The handler is registered on the public router group. The service increments favcount for the given echo without checking identity, without a per-user limit, and without CSRF tokens. A remote client can arbitrarily inflate li...

AI score: 5.9
Exploits: 0 | References: 3 | Affected Software: 1
