
35 matches found

NVD (added 2026/03/30 8:16 p.m., 0 views)

CVE-2026-31831

Tautulli is a Python-based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.0, the /newsletter/image/images API endpoint is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files from the application server's filesystem. This issue has be...

CVSS 8.7 | EPSS 0.00117
Exploits: 1 | References: 2
Vulnrichment (added 2026/03/30 7:42 p.m., 1 views)

CVE-2026-31831 Tautulli: Unauthenticated Path Traversal in `/newsletter/image/images` endpoint

Tautulli is a Python-based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.0, the /newsletter/image/images API endpoint is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files from the application server's filesystem. This issue has be...

CVSS 8.7 | AI score 5.9 | EPSS 0.00117
Exploits: 1 | References: 2
EUVD (added 2026/03/27 3:30 p.m., 2 views)

EUVD-2026-16662

The '/api/v1/files/images/flowid/filename' endpoint does not enforce any authentication or authorization checks, allowing any unauthenticated user to download images belonging to any flow by knowing or guessing the flow ID and file name...

CVSS 6.3 | AI score 5.9 | EPSS 0.0006
Exploits: 0 | References: 2
Positive Technologies (added 2026/03/27 12:00 a.m., 8 views)

PT-2026-28740

The '/api/v1/files/images/flow id/file name' endpoint serves SVG files with the 'image/svg+xml' content type without sanitizing their content. Since SVG files can contain embedded JavaScript, an attacker can upload a malicious SVG that executes arbitrary JavaScript when viewed by other users,...

CVSS 7 | AI score 5.9 | EPSS 0.00052
Exploits: 0 | References: 2
CNNVD (added 2026/03/27 12:00 a.m., 3 views)

Langflow security vulnerability

Langflow is an open-source visualization framework developed by Langflow for building multi-agent and RAG applications. Langflow has a security vulnerability where the endpoint /api/v1/files/images/flowid/filename does not sanitize the content when serving SVG files. This may lead to storage-side...

CVSS 7 | AI score 5.8 | EPSS 0.00052
Exploits: 0 | References: 1
OSV (added 2026/03/17 3:36 p.m., 2 views)

GHSA-FWJ4-6WGP-MPXM Katello: Denial of Service and potential information disclosure via SQL injection

A flaw was found in the Katello plugin for Red Hat Satellite. This vulnerability, caused by improper sanitization of user-provided input, allows a remote attacker to inject arbitrary SQL commands into the sortby parameter of the /api/hosts/bootcimages API endpoint. This can lead to a Denial of...

CVSS 5.4 | AI score 6 | EPSS 0.00115
Exploits: 0 | References: 8
Snyk (added 2026/03/17 3:36 p.m., 4 views)

SQL Injection

Overview: katello is a package that adds Content and Subscription Management to Foreman. Affected versions of this package are vulnerable to SQL Injection via improper sanitization of user input in the sortby parameter of the /api/hosts/bootcimages endpoint. An attacker can cause database errors or...

CVSS 5.4 | AI score 7.2 | EPSS 0.00115
Exploits: 0 | References: 2
RedhatCVE (added 2026/01/06 2:02 a.m., 3 views)

CVE-2025-67427

A Blind Server-Side Request Forgery (SSRF) vulnerability in evershop 2.1.0 and prior allows unauthenticated attackers to force the server to initiate an HTTP request via the "GET /images" API. The vulnerability occurs due to insufficient validation of the "src" query parameter, which permits...

CVSS 6.5 | AI score 7.2 | EPSS 0.0006
Exploits: 0 | References: 1
OSV (added 2026/01/05 9:30 p.m., 1 views)

GHSA-M2Q5-XHQG-92R2 evershop allows unauthenticated attackers to exhaust application server's resources via "GET /images" API

A Denial of Service (DoS) vulnerability in evershop 2.1.0 and prior allows unauthenticated attackers to exhaust the application server's resources via the "GET /images" API. The application fails to limit the height of the use-element shadow tree or the dimensions of pattern tiles during the...

CVSS 8.7 | AI score 6.9 | EPSS 0.00121
Exploits: 0 | References: 4
Snyk (added 2026/01/05 9:30 p.m., 2 views)

Server-side Request Forgery (SSRF)

Overview: @evershop/evershop is the React Ecommerce platform, built with React and Postgres; open-source and free, fast and customizable. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the GET /images API endpoint. An attacker can cause the server to...

CVSS 6.9 | AI score 7 | EPSS 0.0006
Exploits: 0 | References: 2
Snyk (added 2026/01/05 9:30 p.m., 1 views)

Excessive Platform Resource Consumption within a Loop

Overview: @evershop/evershop is the React Ecommerce platform, built with React and Postgres; open-source and free, fast and customizable. Affected versions of this package are vulnerable to Excessive Platform Resource Consumption within a Loop via the GET /images API endpoint when processing SVG...

CVSS 8.7 | AI score 6.9 | EPSS 0.00121
Exploits: 0 | References: 2
Github Security Blog (added 2026/01/05 9:30 p.m., 9 views)

evershop allows unauthenticated attackers to force server to initiate HTTP request via "GET /images" API

A Blind Server-Side Request Forgery (SSRF) vulnerability in evershop 2.1.0 and prior allows unauthenticated attackers to force the server to initiate an HTTP request via the "GET /images" API. The vulnerability occurs due to insufficient validation of the "src" query parameter, which permits...

CVSS 6.5 | AI score 7.2 | EPSS 0.0006
Exploits: 0 | References: 5 | Affected Software: 1
OSV (added 2026/01/05 8:16 p.m., 3 views)

CVE-2025-67427

A Blind Server-Side Request Forgery (SSRF) vulnerability in evershop 2.1.0 and prior allows unauthenticated attackers to force the server to initiate an HTTP request via the "GET /images" API. The vulnerability occurs due to insufficient validation of the "src" query parameter, which permits...

CVSS 6.5 | AI score 7.1 | EPSS 0.0006
Exploits: 0 | References: 2
NVD (added 2026/01/05 8:16 p.m., 3 views)

CVE-2025-67419

A Denial of Service (DoS) vulnerability in evershop 2.1.0 and prior allows unauthenticated attackers to exhaust the application server's resources via the "GET /images" API. The application fails to limit the height of the use-element shadow tree or the dimensions of pattern tiles during the...

CVSS 7.5 | EPSS 0.00121
Exploits: 0 | References: 2
CVE (added 2026/01/05 12:00 a.m., 11 views)

CVE-2025-67427

The CVE-2025-67427 issue affects EverShop prior to 2.1.1, where an insufficient validation of the src query parameter in the GET /images API allows unauthenticated SSRF to trigger arbitrary HTTP/HTTPS requests to internal or external networks. The root cause is improper validation of the target U...

CVSS 6.5 | AI score 6.8 | EPSS 0.0006
Exploits: 0 | References: 2 | Affected Software: 1
Positive Technologies (added 2026/01/05 12:00 a.m., 3 views)

PT-2026-1329

Name of the Vulnerable Software and Affected Versions: evershop versions prior to 2.1.1. Description: A Blind Server-Side Request Forgery (SSRF) exists in evershop versions prior to 2.1.1. An unauthenticated attacker can force the server to initiate an HTTP request via the '/images' API endpoint. Th...

CVSS 6.5 | AI score 6.9 | EPSS 0.0006
Exploits: 0 | References: 6
Positive Technologies (added 2026/01/05 12:00 a.m., 4 views)

PT-2026-1330

Name of the Vulnerable Software and Affected Versions: evershop versions prior to 2.1.0. Description: A Denial of Service (DoS) issue exists in evershop that allows unauthenticated attackers to exhaust application server resources. This occurs through the use of the 'GET /images' API endpoint. The...

CVSS 7.5 | AI score 6.7 | EPSS 0.00121
Exploits: 0 | References: 5
Vulnrichment (added 2026/01/05 12:00 a.m., 1 views)

CVE-2025-67419

A Denial of Service (DoS) vulnerability in evershop 2.1.0 and prior allows unauthenticated attackers to exhaust the application server's resources via the "GET /images" API. The application fails to limit the height of the use-element shadow tree or the dimensions of pattern tiles during the...

AI score 6.5 | EPSS 0.00121
Exploits: 0 | References: 2
CVE (added 2026/01/05 12:00 a.m., 12 views)

CVE-2025-67419

CVE-2025-67419 describes a DoS in evershop prior to 2.1.0 where unauthenticated attackers can exhaust server resources via the GET /images endpoint while processing SVG files. Root cause: the application does not bound the height of the use-element shadow tree or the dimensions of pattern tiles d...

CVSS 7.5 | AI score 6.5 | EPSS 0.00121
Exploits: 0 | References: 2 | Affected Software: 1
RedhatCVE (added 2025/12/03 12:26 a.m., 6 views)

CVE-2025-65844

EverShop 2.0.1 allows a remote unauthenticated attacker to upload arbitrary files and create directories via the /api/images endpoint. The endpoint is accessible without authentication by default, and server-side validation of uploaded files is insufficient. This can be abused to upload arbitrary...

CVSS 7.5 | AI score 7.4 | EPSS 0.00075
Exploits: 1 | References: 1