CVE-2026-49129 Music Player Daemon < 0.24.11 SSRF via CurlInputPlugin

Music Player Daemon MPD before version 0.24.11 contains a server-side request forgery vulnerability in CurlInputPlugin where CURLOPTFOLLOWLOCATION is set without CURLOPTREDIRPROTOCOLSSTR, allowing unauthenticated attackers to bypass the http/https scheme restriction by causing a malicious HTTP...

CVE-2026-33234 AutoGPT: SendEmailBlock's IP blocklist bypass allows SSRF via user-controlled SMTP server

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions 0.1.0 through 0.6.51, SendEmailBlock in autogptplatform/backend/backend/blocks/emailblock.py accepts a user-supplied smtpserver string and smtpport integer as...

utcp-http vulnerable to SSRF via attacker-controlled OpenAPI servers[0].url in HTTP communication protocol

Summary The utcp-http plugin is vulnerable to a blind Server-Side Request Forgery SSRF caused by a trust-boundary inconsistency between manual discovery and tool invocation. registermanual validates the discovery URL against an HTTPS / loopback allowlist, but calltool and calltoolstreaming reuse...

PT-2026-38625

Name of the Vulnerable Software and Affected Versions python-utcp versions prior to 1.1.3 Description The utcp-http plugin is subject to a blind Server-Side Request Forgery SSRF, a flaw where an attacker can induce the server to make requests to an unintended location. This occurs due to a...

CVE-2026-33975

Twenty is an open source CRM built with NestJS Node.js. In versions 1.18.0 and earlier, the SSRF protection in twenty-server's SecureHttpClientService can be bypassed using IPv4-mapped IPv6 addresses in URL IP literals. Node.js's URL parser normalizes IPv4-mapped IPv6 addresses to compressed hex...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the FilterDeadline function. An attacker can force the application to make arbitrary outbound HTTP POST requests to internal or external destinations by supplying a crafted URL in the...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the POST /api/lunchflow/link endpoint, which insufficiently validates user-supplied URLs and fails to restrict access to internal or sensitive network addresses. An attacker can cause the server to...

GHSA-6W67-HWM5-92MQ LMDeploy has Server-Side Request Forgery (SSRF) via Vision-Language Image Loading

Summary A Server-Side Request Forgery SSRF vulnerability exists in LMDeploy's vision-language module. The loadimage function in lmdeploy/vl/utils.py fetches arbitrary URLs without validating internal/private IP addresses, allowing attackers to access cloud metadata services, internal networks, an...

PT-2026-33211

Name of the Vulnerable Software and Affected Versions NocoBase versions prior to 2.0.37 Description The workflow HTTP request plugin and custom request action plugin make server-side HTTP requests to user-provided URLs without protection against Server-Side Request Forgery SSRF, a flaw where an...

CVE-2026-33715

Chamilo LMS is an open-source learning management system. In version 2.0-RC.2, the file public/main/inc/ajax/install.ajax.php is accessible without authentication on fully installed instances because, unlike other AJAX endpoints, it does not include the global.inc.php file that performs...

rembg server is vulnerable to Server-Side Request Forgery (SSRF) and a weak default CORS configuration

GitHub Security Lab GHSL Vulnerability Report, rembg: GHSL-2024-161, GHSL-2024-162 The GitHub Security Lab team has identified potential security vulnerabilities in rembg. We are committed to working with you to help resolve these issues. In this report you will find everything you need to...

GHSA-55V6-G8PM-PW4C rembg server is vulnerable to Server-Side Request Forgery (SSRF) and a weak default CORS configuration

GitHub Security Lab GHSL Vulnerability Report, rembg: GHSL-2024-161, GHSL-2024-162 The GitHub Security Lab team has identified potential security vulnerabilities in rembg. We are committed to working with you to help resolve these issues. In this report you will find everything you need to...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the validateWebhookURL function. An administrator can access internal network resources and cloud metadata endpoints by submitting webhook URLs that use hostnames resolving to private IP addresses,...

Insecure Default Initialization of Resource

Overview @budibase/backend-core is a Budibase backend core libraries used in server and worker Affected versions of this package are vulnerable to Insecure Default Initialization of Resource via the isBlacklisted function when the BLACKLISTIPS environment variable is unset, causing the blacklist...

CVE-2026-32110

SiYuan is a personal knowledge management system. Prior to 3.6.0, the /api/network/forwardProxy endpoint allows authenticated users to make arbitrary HTTP requests from the server. The endpoint accepts a user-controlled URL and makes HTTP requests to it, returning the full response body and...

CVE-2026-33060

The CVE-2026-33060 entry affects the CKAN MCP Server prior to version 0.4.85. The vulnerable components are the MCP server tools ckan_package_search, sparql_query, and ckan_datastore_search_sql, which accept a base_url parameter that can be used to make HTTP requests to arbitrary endpoints. The r...

CVE-2026-27945

ZITADEL is an open source identity management platform. Zitadel Action V2 introduced as early preview in 2.59.0, beta in 3.0.0 and GA in 4.0.0 is a webhook based approach to allow developers act on API request to Zitadel and customize flows such the issue of a token. Zitadel's Action target URLs...

CVE-2025-50180 esm.sh is vulnerable to full-response SSRF

esm.sh is a no-build content delivery network CDN for web development. In version 136, esm.sh is vulnerable to a full-response SSRF, allowing an attacker to retrieve information from internal websites through the vulnerability. Version 137 fixes the vulnerability...

GHSA-WGM6-9RVV-3438 Withdrawn Advisory: Libredesk has a SSRF Vulnerability in Webhooks

Reconsidered - Working as designed. Update 2026-05-28 Libredesk is a single-tenant, self-hosted application. Configuring outbound webhook URLs requires an admin-only permission that is not granted by default - the operator must explicitly assign it. Anyone holding this permission already has full...

CVE-2024-58320

Summary: CVE-2024-58320 concerns an information disclosure in Kentico Xperience that lets public users access sensitive administration interface hostname details during authentication via a publicly accessible endpoint. Affected products/area: Kentico Xperience components exposing the authenticat...