Lucene search
K

16 matches found

Cvelist
Cvelist
added 2026/05/07 6:8 p.m.29 views

CVE-2026-41905 FreeScout vulnerable to SSRF via Helper::sanitizeRemoteUrl: redirect destination not re-validated, allowing internal HTTP / cloud-metadata access

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, Helper::sanitizeRemoteUrl in app/Misc/Helper.php follows HTTP redirects via curlGetLastRedirectedUrl but then re-validates the original URL instead of the final redirect destination. An...

7.7CVSS0.00209EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.15 views

PT-2026-37250

Name of the Vulnerable Software and Affected Versions requests-hardened versions prior to 1.2.1 Description The Server-Side Request Forgery SSRF protection fails to block IP addresses within the RFC 6598 Shared Address Space 100.64.0.0/10. An attacker capable of supplying arbitrary URLs can explo...

6.5CVSS5.9AI score0.00305EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.12 views

PT-2026-39183

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.0 Description Multiple tool implementations bypass the centralized HTTP security wrapper httpSecurity.ts, which is designed to provide Server-Side Request Forgery SSRF protections through deny-list validation, IP...

5.3CVSS5.8AI score0.00396EPSS
Exploits1References4
CVE
CVE
added 2026/04/08 12:0 a.m.22 views

CVE-2026-31017

The connected PT-2026-31332 entry confirms a concrete SSRF vulnerability in ERPNext v16.0.1 and Frappe Framework v16.1.1, arising from insufficient sanitization of HTML in the Print Format function before PDF rendering. This allows user-supplied HTML (e.g., iframe elements) to trigger the server-...

9.1CVSS6.1AI score0.00245EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2026/03/23 2:8 p.m.19 views

CVE-2026-33480 AVideo has a SSRF Protection Bypass via IPv4-Mapped IPv6 Addresses in Unauthenticated LiveLinks Proxy

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the isSSRFSafeURL function in AVideo can be bypassed using IPv4-mapped IPv6 addresses ::ffff:x.x.x.x. The unauthenticated plugin/LiveLinks/proxy.php endpoint uses this function to validate URLs before fetching the...

8.6CVSS0.0032EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/03/08 1:44 a.m.4 views

CVE-2026-30844

Wekan is an open source kanban tool built with Meteor. Versions 8.32 and 8.33 are vulnerable to Server-Side Request Forgery SSRF via attachment URL loading. During board import in Wekan, attachment URLs from user-supplied JSON data are fetched directly by the server without any URL validation or...

9.3CVSS5.8AI score0.00235EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.6 views

PT-2026-3555

Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A flaw exists in Keycloak’s OpenID Connect Dynamic Client Registration feature when clients authenticate using private key jwt. The issue allows a client to specify an arbitrary jwks uri,...

5.8CVSS5.7AI score0.00363EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2025/09/25 3:30 p.m.7 views

cors-anywhere vulnerable to server-side request forgery

Rob -- W / cors-anywhere instances configured as an open proxy allow unauthenticated external users to induce the server to make HTTP requests to arbitrary targets SSRF. Because the proxy forwards requests and headers, an attacker can reach internal-only endpoints and link-local metadata services...

9.5CVSS8.5AI score0.01005EPSS
Exploits0References8Affected Software1
Snyk
Snyk
added 2025/09/16 2:44 a.m.1 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the ip.isPublic and ip.isPrivate functions. An attacker can interact with internal network resources by supplying specially crafted IP address such as octal localhost format "017700000001" that is...

10CVSS6.9AI score0.08279EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/26 12:0 a.m.5 views

PT-2025-34801 · Firecrawl · Firecrawl

Name of the Vulnerable Software and Affected Versions: Firecrawl versions prior to 2.0.1 Description: Firecrawl is a tool that converts websites into LLM-ready markdown or structured data. A server-side request forgery SSRF vulnerability exists in the webhook functionality of Firecrawl...

6.3CVSS7.2AI score0.00255EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-13041

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7...

5.4CVSS5.5AI score0.00272EPSS
Exploits1References2
CVE
CVE
added 2025/08/14 12:0 a.m.15 views

CVE-2025-50861

The CVE-2025-50861 entry affects the Lotus Cars Android App (com.lotus.carsdomestic.intl) version 1.2.8, where the exported component PushDeepLinkActivity is accessible without authentication via ADB or malicious apps. This could allow unintended access to application internals and may lead to de...

6.5CVSS7.3AI score0.00348EPSS
Exploits0References3
Veracode
Veracode
added 2025/08/13 11:38 a.m.5 views

Server Side Request Forgery (SSRF)

bentoml is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to the file upload handlers automatically downloading files from user-provided URLs without validating their targets, which allows an attacker to make the server send arbitrary HTTP requests to internal or...

9.9CVSS7.2AI score0.11883EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/11 12:0 a.m.4 views

PT-2025-16148 · Crates.Io · Surrealdb

SurrealDB offers http functions that can access external network endpoints. A typical, albeit not recommended configuration would be to start SurrealDB with all network connections allowed with the exception of a deny list. For example, surreal start --allow-net --deny-net 10.0.0.0/8 will allow a...

5.8CVSS7AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/03/20 10:9 a.m.6 views

CVE-2024-7959 SSRF in open-webui/open-webui

The /openai/models endpoint in open-webui/open-webui version 0.3.8 is vulnerable to Server-Side Request Forgery SSRF. An attacker can change the OpenAI URL to any URL without checks, causing the endpoint to send a request to the specified URL and return the output. This vulnerability allows the...

7.7CVSS7.8AI score0.24461EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/10/10 12:0 a.m.5 views

PT-2022-6441 · Nokia · Nokia Netact

Name of the Vulnerable Software and Affected Versions: Nokia NetAct versions prior to 22 FP2211 Description: The issue is related to insufficient protection of the web page structure when creating tasks. It allows an attacker to perform cross-site scripting XSS attacks by injecting scripts. The...

6.8CVSS5.4AI score0.00371EPSS
Exploits0References6
Rows per page
Query Builder