Lucene search
K

270 matches found

nvd
nvd
added 3 days ago7 views

CVE-2026-15378

A flaw was found in the guardrails-detectors component. This vulnerability allows a remote attacker to perform a blind Server-Side Request Forgery SSRF by submitting a specially crafted XML Schema Definition XSD string. This can lead to unauthorized access to sensitive information, including...

9.3CVSS0.00424EPSS
Exploits0References2
euvd
euvd
added 3 days ago7 views

EUVD-2026-42858

A flaw was found in the guardrails-detectors component. This vulnerability allows a remote attacker to perform a blind Server-Side Request Forgery SSRF by submitting a specially crafted XML Schema Definition XSD string. This can lead to unauthorized access to sensitive information, including...

9.3CVSS6.1AI score0.00424EPSS
Exploits0References2
euvd
euvd
added 5 days ago5 views

EUVD-2026-42376

Gradio before 6.20.0 contains an open redirect and server-side request forgery vulnerability that allows attackers to redirect users to arbitrary URLs or perform client-side SSRF by supplying unvalidated HTTP/HTTPS URLs to the filefetch function in the /gradioapi/file= endpoint. Attackers can cra...

7.4CVSS6AI score0.00247EPSS
Exploits0References5
nvd
nvd
added 6 days ago6 views

CVE-2026-58468

NocoBase through 2.1.20 contains a server-side request forgery vulnerability in the serverRequest wrapper that allows authenticated administrators to issue arbitrary outbound HTTP requests by supplying malicious URLs to workflow request nodes, custom request action buttons, or the AI plugin...

5.5CVSS0.002EPSS
Exploits0References4
euvd
euvd
added 6 days ago5 views

EUVD-2026-41997

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the GithubApp apiurl field is used as the base URL for server-side HTTP requests without allowlisting or private IP blocking, allowing an authenticated user to configure a...

4.3CVSS6AI score0.00171EPSS
Exploits0References1
attackerkb
attackerkb
added 6 days ago7 views

CVE-2026-34170

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the GithubApp apiurl field is used as the base URL for server-side HTTP requests without allowlisting or private IP blocking, allowing an authenticated user to configure a...

4.3CVSS6AI score0.00171EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 6 days ago33 views

CVE-2026-34170 Coolify: Server-Side Request Forgery via attacker-controlled GitHub App API URL

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the GithubApp apiurl field is used as the base URL for server-side HTTP requests without allowlisting or private IP blocking, allowing an authenticated user to configure a...

4.3CVSS0.00171EPSS
Exploits0References1
cvelist
cvelist
added 2026/07/03 5:0 p.m.42 views

CVE-2026-14620 webpack-dev-server vulnerable to cross-site request forgery via internal developer endpoints

webpack-dev-server versions 5.2.5 and earlier expose two internal developer endpoints, /webpack-dev-server/open-editor and /webpack-dev-server/invalidate, that perform state-changing actions on any GET request without verifying that the request originated from the dev server's own page. Any websi...

4.7CVSS0.00116EPSS
Exploits0References2
cve
cve
added 2026/07/03 5:0 p.m.31 views

CVE-2026-14620

webpack-dev-server prior to 5.2.6 exposes two internal endpoints (/webpack-dev-server/open-editor and /webpack-dev-server/invalidate) that perform state-changing actions on any GET request without origin verification. This enables cross-origin interactions when a user visits any website while the...

4.7CVSS6.1AI score0.00116EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2026/07/03 11:16 a.m.8 views

CVE-2026-10055

In Eclipse Theia since version 1.26.0, the backend /services/request-service RPC accepts an attacker-controlled URL from any client connected to the standard /services messaging endpoint, performs the HTTP request server-side, and returns the full response body to the caller. Because the...

8.5CVSS0.00297EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/07/03 10:30 a.m.10 views

CVE-2026-10055

In Eclipse Theia since version 1.26.0, the backend /services/request-service RPC accepts an attacker-controlled URL from any client connected to the standard /services messaging endpoint, performs the HTTP request server-side, and returns the full response body to the caller. Because the...

8.5CVSS6AI score0.00297EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2026/07/03 4:30 a.m.38 views

CVE-2026-11397 WP Import Export Lite <= 3.9.30 - Authenticated (Administrator+) Server-Side Request Forgery via 'file_url' Parameter

The WP Import Export Lite plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to and including 3.9.30 via the wpieimportuploadfilefromurl AJAX action. The plugin's URL downloader first calls wpsaferemoteget which correctly blocks private/reserved IP ranges, but wh...

5.5CVSS0.00235EPSS
Exploits0References6
attackerkb
attackerkb
added 2026/07/03 4:30 a.m.10 views

CVE-2026-11397

The WP Import Export Lite plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to and including 3.9.30 via the wpieimportuploadfilefromurl AJAX action. The plugin's URL downloader first calls wpsaferemoteget which correctly blocks private/reserved IP ranges, but wh...

5.5CVSS5.9AI score0.00235EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2026/07/03 12:0 a.m.12 views

PT-2026-55524

Name of the Vulnerable Software and Affected Versions Eclipse Theia versions 1.26.0 and later Description The backend /services/request-service RPC accepts a URL controlled by an attacker from any client connected to the standard /services messaging endpoint. The server performs the HTTP request...

8.5CVSS6.1AI score0.00297EPSS
Exploits0References7
cvelist
cvelist
added 2026/07/02 7:41 p.m.31 views

CVE-2026-59095 LobeChat < 2.2.10-canary.18 - SSRF via importFromUrl and fetchImageFromUrl

LobeChat before 2.2.10-canary.18 contains a server-side request forgery vulnerability that allows authenticated attackers to direct internal HTTP requests to arbitrary URLs by supplying user-controlled input to the skill import service importFromUrl and topic cover update fetchImageFromUrl...

8.3CVSS0.00235EPSS
Exploits0References3
cve
cve
added 2026/07/02 7:41 p.m.14 views

CVE-2026-59095

CVE-2026-59095 affects LobeChat prior to 2.2.10-canary.18. It is a server-side request forgery (SSRF) vulnerability where authenticated attackers can supply input to the skill import service (importFromUrl) and topic cover update (fetchImageFromUrl) endpoints that use the global fetch without the...

8.3CVSS5.9AI score0.00235EPSS
Exploits0References3
snyk
snyk
added 2026/07/01 9:6 p.m.5 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the realm parameter in the authentication process. An attacker can cause the client to send requests to internal network endpoints or transmit credentials over an unencrypted channel by controlling t...

3.1CVSS6AI score
Exploits0References3
snyk
snyk
added 2026/07/01 9:6 p.m.4 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the realm parameter in the authentication process. An attacker can cause the client to send requests to internal network endpoints or transmit credentials over an unencrypted channel by controlling t...

3.1CVSS6AI score
Exploits0References3
nvd
nvd
added 2026/06/30 8:17 p.m.6 views

CVE-2026-10129

IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery SSRF protection bypass vulnerability in the API Request component. An authenticated attacker with low-level privileges flow author role can bypass SSRF protections by enabling the followredirects parameter and supplying a...

8.5CVSS0.00185EPSS
Exploits0References1
cve
cve
added 2026/06/30 7:59 p.m.15 views

CVE-2026-10129

CVE-2026-10129 affects IBM Langflow OSS 1.0.0–1.9.3. A SSRF protection bypass exists in the API Request component: with a low-privilege flow author, an attacker can enable follow_redirects and supply a public URL that redirects to internal/localhost addresses. The app validates only the initial U...

8.5CVSS5.8AI score0.00185EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder