Lucene search
K

144 matches found

OSV
OSV
added 2026/03/27 7:23 p.m.7 views

CVE-2026-31945 LibreChat Server-Side Request Forgery using DNS resolution

LibreChat is a ChatGPT clone with additional features. Versions 0.8.2-rc2 through 0.8.2 are vulnerable to a server-side request forgery SSRF attack when using agent actions or MCP. Although a previous SSRF vulnerability...

7.7CVSS5.9AI score0.00249EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/27 7:21 p.m.3 views

CVE-2026-31943

LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.3, isPrivateIP in packages/api/src/auth/domain.ts fails to detect IPv4-mapped IPv6 addresses in their hex-normalized form, allowing any authenticated user to bypass SSRF protection and make the server issue HTTP requests ...

8.5CVSS5.9AI score0.00213EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:9 p.m.11 views

CVE-2026-33126

Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Prior to version 0.16.3, the /ffprobe endpoint accepts arbitrary user-controlled URLs without proper validation, allowing Server-Side Request Forgery SSRF attacks. An attacker can use the Frigate server t...

5CVSS5.9AI score0.00189EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/25 9:14 p.m.4 views

EUVD-2026-14916

Vikunja has SSRF via Todoist/Trello Migration File Attachment URLs that Allows Reading Internal Network Resources...

6.4CVSS5.8AI score0.00272EPSS
Exploits1References4
Snyk
Snyk
added 2026/03/17 8:52 p.m.4 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the URL validation logic due to improper handling of underscores in hostnames. An attacker can access internal resources or sensitive endpoints by submitting specially crafted URLs containing...

9.1CVSS5.9AI score0.00246EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/06 10:16 p.m.5 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the --lfs-endpoint parameter during repository import. An attacker can cause the server to send HTTP requests to internal or private IP addresses, potentially accessing sensitive internal services or...

9.1CVSS5.8AI score0.00328EPSS
Exploits1References2
Veracode
Veracode
added 2026/03/06 7:23 a.m.8 views

Server-Side Request Forgery (SSRF)

mcp-fetch-server is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to improper private IP validation, which allows an attacker to bypass the validation mechanism and access internal network resources...

7.5CVSS5.8AI score0.00388EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/05 9:59 p.m.3 views

CVE-2026-28467 OpenClaw < 2026.2.2 - SSRF via Attachment Media URL Hydration

OpenClaw versions prior to 2026.2.2 contain a server-side request forgery vulnerability in attachment and media URL hydration that allows remote attackers to fetch arbitrary HTTPS URLs. Attackers who can influence media URLs through model-controlled sendAttachment or auto-reply mechanisms can...

6.5CVSS5.9AI score0.00397EPSS
Exploits1References4
Snyk
Snyk
added 2026/03/03 10:21 p.m.5 views

Server-side Request Forgery (SSRF)

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via inconsistent enforcement of host and DNS policies in the media fetch process. An attacker can access internal network resources or unintended hosts by...

3.5CVSS5.8AI score
Exploits0References3
Snyk
Snyk
added 2026/02/26 3:13 a.m.5 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the Actions V2 webhook. An attacker can access internal network resources and gather information about internal services by specifying target URLs that resolve to local hosts or internal IP addresses...

6.5CVSS6AI score0.00226EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/26 3:13 a.m.4 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the Actions V2 webhook. An attacker can access internal network resources and gather information about internal services by specifying target URLs that resolve to local hosts or internal IP addresses...

6.5CVSS6AI score0.00226EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/25 10:57 p.m.5 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the /https route handler. An attacker can access internal network resources and retrieve sensitive information by supplying a crafted domain that resolves to a loopback or private IP address, thereby...

8.7CVSS5.9AI score0.00339EPSS
Exploits1References2
Snyk
Snyk
added 2026/02/25 9:18 a.m.5 views

Server-side Request Forgery (SSRF)

Overview changedetection.io is a Website change detection and monitoring service Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the issafevalidurl function. An attacker can access internal network resources and exfiltrate sensitive data by submitting...

9.2CVSS6AI score0.00445EPSS
Exploits1References2
NVD
NVD
added 2026/02/24 3:21 p.m.15 views

CVE-2026-27567

Payload is a free and open source headless content management system. Prior to 3.75.0, a Server-Side Request Forgery SSRF vulnerability exists in Payload's external file upload functionality. When processing external URLs for file uploads, insufficient validation of HTTP redirects could allow an...

6.5CVSS0.00288EPSS
Exploits0References3
Snyk
Snyk
added 2026/02/17 9:42 p.m.5 views

Server-side Request Forgery (SSRF)

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the SSRF guard. An attacker can access internal network resources by submitting specially crafted IPv4-mapped IPv6 addresses that bypass IP...

8.8CVSS5.7AI score0.00391EPSS
Exploits0References2
Snyk
Snyk
added 2026/01/27 10:49 p.m.2 views

Server-side Request Forgery (SSRF)

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the MediaConnector class. An attacker can access internal network resources and cause system instability or...

7.1CVSS5.9AI score0.00528EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/20 12:33 p.m.7 views

CVE-2026-1180

A flaw was identified in Keycloak’s OpenID Connect Dynamic Client Registration feature when clients authenticate using privatekeyjwt. The issue allows a client to specify an arbitrary jwksuri, which Keycloak then retrieves without validating the destination. This enables attackers to coerce the...

5.8CVSS5.3AI score0.00363EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/19 3:20 p.m.1 views

CVE-2025-68616 WeasyPrint Vulnerable to Server-Side Request Forgery (SSRF) Protection Bypass via HTTP Redirect

WeasyPrint helps web developers to create PDF documents. Prior to version 68.0, a server-side request forgery SSRF protection bypass exists in WeasyPrint's defaulturlfetcher. The vulnerability allows attackers to access internal network resources such as localhost services or cloud metadata...

7.5CVSS5.5AI score0.00501EPSS
Exploits2References2
Debian CVE
Debian CVE
added 2026/01/19 3:20 p.m.9 views

CVE-2025-68616

WeasyPrint helps web developers to create PDF documents. Prior to version 68.0, a server-side request forgery SSRF protection bypass exists in WeasyPrint's defaulturlfetcher. The vulnerability allows attackers to access internal network resources such as localhost services or cloud metadata...

7.5CVSS5.4AI score0.00501EPSS
Exploits2
Vulnrichment
Vulnrichment
added 2026/01/16 2:0 p.m.4 views

CVE-2025-15104 Nu Html Checker (validator.nu) - Restriction bypass vulnerability allowing local SSRF

Nu Html Checker validator.nu contains a restriction bypass that allows remote attackers to make the server perform arbitrary HTTP/HTTPS requests to internal resources, including localhost services. While the validator implements hostname-based protections to block direct access to localhost and...

6.9CVSS6.8AI score0.00425EPSS
Exploits1References2
Rows per page
Query Builder