
Cvelist
added 2026/05/05 8:39 p.m., 26 views

CVE-2026-39383 Gotenberg unauthenticated blind SSRF via unfiltered webhook URL

Gotenberg is an API-based document conversion tool. In version 8.29.1, an unauthenticated attacker with network access can force the server to make outbound HTTP POST requests to arbitrary internal or external destinations by supplying a crafted URL in the Gotenberg-Webhook-Url request header. Th...

CVSS 6.9, EPSS 0.00236
Exploits: 1, References: 1
CVE
added 2026/05/05 8:39 p.m., 11 views

CVE-2026-39383

Gotenberg (v8.x) is vulnerable to an unauthenticated blind SSRF via the Gotenberg-Webhook-Url header. In 8.29.1, the FilterDeadline gate returns nil when both allow-list and deny-list are empty, allowing outbound HTTP POSTs to arbitrary destinations and enabling internal network probing, forced P...

CVSS 7.2, AI score 6, EPSS 0.00236
Exploits: 1, References: 1, Affected Software: 1
Vulnrichment
added 2026/05/05 8:39 p.m., 6 views

CVE-2026-39383 Gotenberg unauthenticated blind SSRF via unfiltered webhook URL

Gotenberg is an API-based document conversion tool. In version 8.29.1, an unauthenticated attacker with network access can force the server to make outbound HTTP POST requests to arbitrary internal or external destinations by supplying a crafted URL in the Gotenberg-Webhook-Url request header. Th...

CVSS 6.9, AI score 6, EPSS 0.00236
Exploits: 1, References: 1
ATTACKERKB
added 2026/05/05 8:39 p.m., 6 views

CVE-2026-39383

Gotenberg is an API-based document conversion tool. In version 8.29.1, an unauthenticated attacker with network access can force the server to make outbound HTTP POST requests to arbitrary internal or external destinations by supplying a crafted URL in the Gotenberg-Webhook-Url request header. Th...

CVSS 6.9, AI score 6, EPSS 0.00236
Exploits: 1, References: 2, Affected Software: 1
Snyk
added 2026/05/05 8:29 p.m., 10 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the isSSRFSafeURL function. An attacker can access internal network resources and sensitive cloud metadata by submitting specially crafted URLs that use IPv4-mapped IPv6 notation, which bypasses the...

CVSS 8.8, AI score 5.8, EPSS 0.00226
Exploits: 0, References: 3
Github Security Blog
added 2026/05/05 8:29 p.m., 21 views

ssrfcheck Vulnerable to Server-Side Request Forgery (SSRF) and Incomplete List of Disallowed Inputs

Summary ssrfcheck v1.3.0 latest fails to block Server-Side Request Forgery attacks when the target private IP address is encoded as an IPv4-mapped IPv6 address e.g. http://::ffff:127.0.0.1/. The WHATWG URL parser built into Node.js silently normalizes the IPv4 notation inside the brackets to...

CVSS 8.2, AI score 5.8, EPSS 0.00226
Exploits: 0, References: 3, Affected Software: 1
OSV
added 2026/05/05 8:29 p.m., 6 views

GHSA-J4RJ-2JR5-M439 ssrfcheck Vulnerable to Server-Side Request Forgery (SSRF) and Incomplete List of Disallowed Inputs

Summary ssrfcheck v1.3.0 latest fails to block Server-Side Request Forgery attacks when the target private IP address is encoded as an IPv4-mapped IPv6 address e.g. http://::ffff:127.0.0.1/. The WHATWG URL parser built into Node.js silently normalizes the IPv4 notation inside the brackets to...

CVSS 8.2, AI score 5.8, EPSS 0.00226
Exploits: 0, References: 3
EUVD
added 2026/05/05 8:29 p.m., 6 views

EUVD-2025-22851

ssrfcheck: SSRF Bypass Caused by Failure to Classify Reserved IP Address Space as Invalid...

CVSS 8.8, AI score 5.8, EPSS 0.00455
Exploits: 1, References: 6
NVD
added 2026/05/05 8:16 p.m., 9 views

CVE-2026-33975

Twenty is an open source CRM built with NestJS Node.js. In versions 1.18.0 and earlier, the SSRF protection in twenty-server's SecureHttpClientService can be bypassed using IPv4-mapped IPv6 addresses in URL IP literals. Node.js's URL parser normalizes IPv4-mapped IPv6 addresses to compressed hex...

CVSS 8.3, EPSS 0.0024
Exploits: 0, References: 1
Snyk
added 2026/05/05 8:13 p.m., 11 views

Server-side Request Forgery (SSRF)

Overview link-preview-js is a Javascript module to extract and fetch HTTP link information from blocks of text. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via improper validation of IPv6 and internal addresses during the DNS resolution process. An attacke...

CVSS 8.7, AI score 5.8, EPSS 0.00432
Exploits: 0, References: 2
OSV
added 2026/05/05 8:03 p.m., 4 views

GHSA-HCJJ-CHVW-FMW9 Admidio has an incomplete fix for CVE-2026-32812 (SSRF)

Summary The incomplete SSRF fix in Admidio's fetchmetadata.php validates the resolved IP address but passes the original hostname-based URL to curlinit, leaving a DNS rebinding TOCTOU window that allows redirecting requests to internal IPs. Affected Package - Ecosystem: Other - Package: admidio -...

CVSS 6.8, AI score 5.8, EPSS 0.00236
Exploits: 1, References: 6
Github Security Blog
added 2026/05/05 8:03 p.m., 14 views

Admidio has an incomplete fix for CVE-2026-32812 (SSRF)

Summary The incomplete SSRF fix in Admidio's fetchmetadata.php validates the resolved IP address but passes the original hostname-based URL to curlinit, leaving a DNS rebinding TOCTOU window that allows redirecting requests to internal IPs. Affected Package - Ecosystem: Other - Package: admidio -...

CVSS 6.8, AI score 5.9, EPSS 0.00428
Exploits: 1, References: 6, Affected Software: 1
Snyk
added 2026/05/05 8:03 p.m., 7 views

Server-side Request Forgery (SSRF)

Overview admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the fetchmetadata.php process. An attacker can access internal network resources or sensitive clo...

CVSS 6.9, AI score 5.8, EPSS 0.00236
Exploits: 1, References: 2
Github Security Blog
added 2026/05/05 8:03 p.m., 6 views

Geyser Vulnerable to Server-Side Request Forgery (SSRF) via Player Head Texture URL in Geyser

Summary A server-side request forgery SSRF vulnerability exists in Geyser’s handling of Bedrock player head texture data. By supplying a crafted Base64-encoded skin texture URL via the /give command, an attacker can cause the Minecraft server to issue arbitrary HTTP GET requests to...

CVSS 2.4, AI score 5.9, EPSS 0.00158
Exploits: 0, References: 3, Affected Software: 1
Vulnrichment
added 2026/05/05 7:56 p.m., 9 views

CVE-2026-35527 Incus blind SSRF via image import preflight HEAD request

Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request against project restrictions such as restricted.images.servers. The imgPostURLInfo function...

CVSS 5.3, AI score 5.8, EPSS 0.00271
Exploits: 1, References: 2
CVE
added 2026/05/05 7:56 p.m., 12 views

CVE-2026-35527

Incus (pre-7.0.0) is vulnerable to a blind SSRF via image import preflight HEAD requests. An authenticated user can coerce the daemon to issue a host-originated HEAD request to a user-supplied URL before policy checks complete, exposing server metadata in headers (Incus-Server-Architectures, Incu...

CVSS 5.3, AI score 5.8, EPSS 0.00271
Exploits: 1, References: 2, Affected Software: 1
AlpineLinux
added 2026/05/05 7:56 p.m., 15 views

CVE-2026-35527

Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request against project restrictions such as restricted.images.servers. The imgPostURLInfo function...

CVSS 5.3, AI score 5.8, EPSS 0.00271
Exploits: 1
Github Security Blog
added 2026/05/05 7:52 p.m., 9 views

requests-hardened is Vulnerable to Server-Side Request Forgery

The SSRF protection in requests-hardened prior to version 1.2.1 fails to block IP addresses within the RFC 6598 Shared Address Space 100.64.0.0/10. An attacker who can supply arbitrary URLs to requests-hardened could exploit this gap to access internal services hosted within 100.64.0.0/10. This i...

CVSS 6.5, AI score 5.9, EPSS 0.00305
Exploits: 0, References: 6, Affected Software: 1
Snyk
added 2026/05/05 7:52 p.m., 9 views

Server-side Request Forgery (SSRF)

Overview requests-hardened is a library that overrides the default behaviors of the requests library and adds new security features. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the URL filtering process. An attacker can access internal services and...

CVSS 8.3, AI score 5.8, EPSS 0.00305
Exploits: 0, References: 2
OSV
added 2026/05/05 7:52 p.m., 7 views

GHSA-VH75-FWV3-PQRH requests-hardened is Vulnerable to Server-Side Request Forgery

The SSRF protection in requests-hardened prior to version 1.2.1 fails to block IP addresses within the RFC 6598 Shared Address Space 100.64.0.0/10. An attacker who can supply arbitrary URLs to requests-hardened could exploit this gap to access internal services hosted within 100.64.0.0/10. This i...

CVSS 6.5, AI score 5.9, EPSS 0.00305
Exploits: 0, References: 6