23 matches found
CVE-2026-33458
Server-Side Request Forgery CWE-918 in Kibana One Workflow can lead to information disclosure. An authenticated user with workflow creation and execution privileges can bypass host allowlist restrictions in the Workflows Execution Engine, potentially exposing sensitive internal endpoints and data...
GHSA-RFH7-FXQC-Q52V @angular/platform-server: SSRF via Hostname Hijacking
Impact A Server-Side Request Forgery SSRF vulnerability exists in @angular/platform-server. The issue stems from how the server-side rendering SSR engine processes the request URL provided to the rendering entry points. When an absolute-form URL e.g., http://evil.com is passed to the rendering...
PT-2026-42031
Summary Unauthenticated semi-blind Server-Side Request Forgery SSRF via the Azure instance identity endpoint POST /api/v2/workspaceagents/azure-instance-identity. An external attacker can force the Coder server to issue HTTP GET requests to arbitrary internal or external hosts by submitting a...
DNS rebinding and cross-origin CSRF in dynoxide's MCP HTTP transport
dynoxide's MCP HTTP transport was vulnerable to DNS rebinding via its transitive rmcp dependency, plus a related cross-origin CSRF gap. A malicious web page could make the user's browser send requests to a local dynoxide mcp --http or dynoxide serve --mcp server with a non-loopback Host header,...
PT-2026-36996
Name of the Vulnerable Software and Affected Versions fast-uri versions prior to 3.1.2 Description The normalize function decoded percent-encoded authority delimiters within the host component and re-emitted them as raw delimiters during serialization. This allows a host combining an allowed...
BIT-KIBANA-2026-33458 Server-Side Request Forgery (SSRF) in Kibana One Workflow Leading to Information Disclosure
Server-Side Request Forgery CWE-918 in Kibana One Workflow can lead to information disclosure. An authenticated user with workflow creation and execution privileges can bypass host allowlist restrictions in the Workflows Execution Engine, potentially exposing sensitive internal endpoints and data...
BIT-ELK-2026-33458 Server-Side Request Forgery (SSRF) in Kibana One Workflow Leading to Information Disclosure
Server-Side Request Forgery CWE-918 in Kibana One Workflow can lead to information disclosure. An authenticated user with workflow creation and execution privileges can bypass host allowlist restrictions in the Workflows Execution Engine, potentially exposing sensitive internal endpoints and data...
PT-2026-32405
Server-Side Request Forgery CWE-918 in Kibana One Workflow can lead to information disclosure. An authenticated user with workflow creation and execution privileges can bypass host allowlist restrictions in the Workflows Execution Engine, potentially exposing sensitive internal endpoints and data...
PT-2026-32429
Server-Side Request Forgery CWE-918 in Kibana One Workflow can lead to information disclosure. An authenticated user with workflow creation and execution privileges can bypass host allowlist restrictions in the Workflows Execution Engine, potentially exposing sensitive internal endpoints and data...
CVE-2026-33458
Server-Side Request Forgery CWE-918 in Kibana One Workflow can lead to information disclosure. An authenticated user with workflow creation and execution privileges can bypass host allowlist restrictions in the Workflows Execution Engine, potentially exposing sensitive internal endpoints and data...
CVE-2026-33458
Kibana 9.x Workflows Engine SSRF: CVE-2026-33458 affects Kibana 9.3.0–9.3.2 with an authenticated user who can create and run workflows. The issue bypasses host allowlists in the Workflows Execution Engine, potentially exposing internal endpoints/data. Fix is in 9.3.3 (per ESA-2026-28). Indicator...
CVE-2026-33458 Server-Side Request Forgery (SSRF) in Kibana One Workflow Leading to Information Disclosure
Server-Side Request Forgery CWE-918 in Kibana One Workflow can lead to information disclosure. An authenticated user with workflow creation and execution privileges can bypass host allowlist restrictions in the Workflows Execution Engine, potentially exposing sensitive internal endpoints and data...
CVE-2026-33458 Server-Side Request Forgery (SSRF) in Kibana One Workflow Leading to Information Disclosure
Server-Side Request Forgery CWE-918 in Kibana One Workflow can lead to information disclosure. An authenticated user with workflow creation and execution privileges can bypass host allowlist restrictions in the Workflows Execution Engine, potentially exposing sensitive internal endpoints and data...
Elastic Kibana 安全漏洞
Elastic Kibana is a data visualization dashboard software provided by the Elastic company. There is a security vulnerability in Elastic Kibana, which stems from server-side request forgery in the Kibana One workflow. This vulnerability could allow authenticated users with permission to create and...
PT-2026-31344
Name of the Vulnerable Software and Affected Versions Kibana versions affected versions not specified Description Kibana One Workflow contains a Server-Side Request Forgery CWE-918 issue that can lead to information disclosure. An authenticated user with workflow creation and execution privileges...
CVE-2026-35036
Ech0 is an open-source, self-hosted publishing platform for personal idea sharing. Prior to 4.2.8, Ech0 implements link preview editor fetches a page title through GET /api/website/title. That is legitimate product behavior, but the implementation is unsafe: the route is unauthenticated, accepts ...
PT-2026-30014
Summary Ech0 implements link preview editor fetches a page title through GET /api/website/title. That is legitimate product behavior, but the implementation is unsafe: the route is unauthenticated, accepts a fully attacker-controlled URL, performs a server-side GET, reads the entire response body...
Improper Validation of Syntactic Correctness of Input
Overview rack is a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses in the simplest way possible, it unifies and distills the API for web servers, web frameworks, and software in between the so-called middleware into a singl...
CVE-2026-34835 Rack: `Rack::Request` accepts invalid Host characters, enabling host allowlist bypass.
Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21, and 3.2.0 to before 3.2.6, Rack::Request parses the Host header using an AUTHORITY regular expression that accepts characters not permitted in RFC-compliant hostnames, including /, ?, , and @. Because req.hos...
CVE-2026-34835 Rack: `Rack::Request` accepts invalid Host characters, enabling host allowlist bypass.
Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21, and 3.2.0 to before 3.2.6, Rack::Request parses the Host header using an AUTHORITY regular expression that accepts characters not permitted in RFC-compliant hostnames, including /, ?, , and @. Because req.hos...