Lucene search
+L

361 matches found

EUVD
EUVD
added 2 days ago8 views

EUVD-2026-45295

oras-go is a Go library for managing OCI artifacts. Prior to 2.6.1, auth.Client follows the realm URL from a registry's WWW-Authenticate: Bearer challenge without validating the scheme or host, allowing a malicious or compromised registry to cause SSRF to internal networks such as...

2.1CVSS5.2AI score0.0026EPSS
Exploits0References3
Cvelist
Cvelist
added 2 days ago38 views

CVE-2026-62201 OpenClaw < 2026.6.6 Network Policy Bypass via exec-server

OpenClaw versions before 2026.6.6 contain a network policy bypass vulnerability in the sandbox exec-server that allows lower-trust callers to reach internal network destinations blocked by OpenClaw policy. Attackers can send HTTP requests through the exec-server to access network resources that...

7.7CVSS0.00273EPSS
Exploits0References2
CVE
CVE
added 2 days ago10 views

CVE-2026-62201

OpenClaw prior to version 2026.6.6 contains a network policy bypass in the sandbox exec-server that lets lower-trust callers reach internal network destinations blocked by policy. Attackers can send HTTP requests through the exec-server to access restricted network resources. The CVE description ...

7.7CVSS6.1AI score0.00273EPSS
Exploits0References2
NVD
NVD
added 6 days ago12 views

CVE-2026-49969

Laravel-Mediable before 7.0.0 contains a server-side request forgery vulnerability that allows remote attackers to issue arbitrary HTTP requests from the server by supplying unvalidated caller-controlled URLs to endpoints backed by MediaUploader::fromSource. Attackers can craft URLs targeting...

7.4CVSS0.00241EPSS
Exploits0References3
NVD
NVD
added 6 days ago6 views

CVE-2026-49876

Authenticated SSRF in Gravitino JobManager allows server-side HTTP requests to internal network and cloud metadata endpoints via unvalidated job template URIs. A vulnerability in Apache Gravitino. This issue affects Apache Gravitino: from 1.0.0 through 1.2.1. Users are recommended to upgrade to...

6.5CVSS0.00502EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago33 views

CVE-2026-49876 Apache Gravitino: Authenticated SSRF in Gravitino JobManager allows server-side HTTP requests to internal network and cloud metadata endpoints via unvalidated job template URIs

Authenticated SSRF in Gravitino JobManager allows server-side HTTP requests to internal network and cloud metadata endpoints via unvalidated job template URIs. A vulnerability in Apache Gravitino. This issue affects Apache Gravitino: from 1.0.0 through 1.2.1. Users are recommended to upgrade to...

0.00502EPSS
Exploits0References1
CVE
CVE
added 6 days ago12 views

CVE-2026-49876

CVE-2026-49876 describes an authenticated SSRF in the Gravitino JobManager. The issue allows server-side HTTP requests to internal networks and cloud metadata endpoints via unvalidated job template URIs. Affected software: Apache Gravitino 1.0.0 through 1.2.1. Impact is tied to the ability to rea...

6.5CVSS6.1AI score0.00502EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/07/10 3:16 p.m.4 views

PYSEC-2026-3443

Crawl4AI before 0.8.7 contains a server-side request forgery SSRF vulnerability in the Docker API server's /crawl/job and /llm/job endpoints, which accept webhook URLs without destination validation. An attacker can supply webhook URLs pointing to private or internal IP ranges, Docker networks, o...

7.5CVSS6.1AI score0.00421EPSS
Exploits0References3
CVE
CVE
added 2026/07/10 1:57 p.m.14 views

CVE-2026-56261

CVE-2026-56261 affects Crawl4AI prior to 0.8.7. The Docker API server endpoints /crawl/job and /llm/job accept webhook URLs without destination validation, allowing SSRF to private/internal IP ranges, Docker networks, or cloud metadata endpoints (e.g., 169.254.169.254). Potential impact is exposu...

9.2CVSS6.1AI score0.00371EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/07/10 1:57 p.m.10 views

EUVD-2026-42880

Crawl4AI before 0.8.7 contains a server-side request forgery SSRF vulnerability in the Docker API server's /crawl/job and /llm/job endpoints, which accept webhook URLs without destination validation. An attacker can supply webhook URLs pointing to private or internal IP ranges, Docker networks, o...

9.2CVSS6.1AI score0.00371EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/10 1:57 p.m.36 views

CVE-2026-56261 Crawl4AI - Server-Side Request Forgery via Webhook URLs

Crawl4AI before 0.8.7 contains a server-side request forgery SSRF vulnerability in the Docker API server's /crawl/job and /llm/job endpoints, which accept webhook URLs without destination validation. An attacker can supply webhook URLs pointing to private or internal IP ranges, Docker networks, o...

9.2CVSS0.00371EPSS
Exploits0References3
OSV
OSV
added 2026/07/07 7:35 p.m.8 views

GHSA-G84H-J7JJ-X32P @aborruso/ckan-mcp-server: SSRF via base_url allows access to internal networks (Potential fix bypass of CVE-2026-33060)

Summary A known vulnerability CVE-2026-33060 indicated tools including ckanpackagesearch and sparqlquery that accept a baseurl parameter had the risk of making HTTP requests to arbitrary endpoints without restriction. A fix was applied to filter out ip addresses. However, a method to bypass exist...

5.7CVSS6.1AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.19 views

PT-2026-55301

Name of the Vulnerable Software and Affected Versions AutoBangumi versions prior to 3.2.8 Description An unauthenticated remote attacker can probe internal network services via a server-side request forgery SSRF issue. By providing arbitrary host values to the 'POST /api/v1/setup/test-downloader'...

6.9CVSS6.2AI score0.00321EPSS
Exploits0References10
EUVD
EUVD
added 2026/06/26 3:32 p.m.9 views

EUVD-2026-39779

Mattermost versions 10.11.x = 10.11.18, 11.6.x = 11.6.3, 11.5.x = 11.5.6 fail to validate attachment URLs against internal or private IP ranges in the Mattermost Agents plugin MCP server which allows an attacker with access to the MCP server in stdio mode to perform server-side request forgery SS...

6.5CVSS5.8AI score0.00104EPSS
Exploits0References2
NVD
NVD
added 2026/06/26 3:16 p.m.8 views

CVE-2026-4339

Mattermost versions 10.11.x = 10.11.18, 11.6.x = 11.6.3, 11.5.x = 11.5.6 fail to validate attachment URLs against internal or private IP ranges in the Mattermost Agents plugin MCP server which allows an attacker with access to the MCP server in stdio mode to perform server-side request forgery SS...

6.5CVSS0.00104EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.11 views

PT-2026-52849

Name of the Vulnerable Software and Affected Versions Canonical LXD versions 4.12 through 6.9 Description A Server-Side Request Forgery SSRF issue exists in the image import functionality. Authenticated users possessing the can create images entitlement can interact with internal network...

5CVSS6AI score0.0017EPSS
Exploits1References12
Vulnrichment
Vulnrichment
added 2026/06/25 6:7 p.m.9 views

CVE-2026-56771 NewsBlur < 14.5.0 - Server-Side Request Forgery via add_url Endpoint

NewsBlur before version 14.5.0 contains a server-side request forgery vulnerability in the addurl endpoint that allows authenticated users to make arbitrary server requests to internal networks by failing to filter private IP addresses. Attackers can exploit this to access localhost services and...

8.5CVSS6AI score0.00204EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 6:7 p.m.9 views

EUVD-2026-39524

NewsBlur before version 14.5.0 contains a server-side request forgery vulnerability in the addurl endpoint that allows authenticated users to make arbitrary server requests to internal networks by failing to filter private IP addresses. Attackers can exploit this to access localhost services and...

8.5CVSS6AI score0.00204EPSS
Exploits0References4
CVE
CVE
added 2026/06/25 6:7 p.m.17 views

CVE-2026-56771

NewsBlur prior to 14.5.0 is affected by an SSRF in the add_url endpoint. The issue lets authenticated users trigger arbitrary server requests to internal networks by failing to filter private IPs, potentially reaching localhost services and cloud metadata endpoints. This enables internal network ...

8.5CVSS6AI score0.00204EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/25 6:7 p.m.36 views

CVE-2026-56771 NewsBlur < 14.5.0 - Server-Side Request Forgery via add_url Endpoint

NewsBlur before version 14.5.0 contains a server-side request forgery vulnerability in the addurl endpoint that allows authenticated users to make arbitrary server requests to internal networks by failing to filter private IP addresses. Attackers can exploit this to access localhost services and...

8.5CVSS0.00204EPSS
Exploits0References4
Rows per page
Query Builder