Lucene search
K

1784 matches found

Cvelist
Cvelist
added 2026/05/27 5:9 p.m.43 views

CVE-2026-45717 Budibase: `PUT /api/datasources/:datasourceId` is protected only by `TABLE/READ` permission instead of builder access, allowing any authenticated app user to overwrite datasource connection parameters including host, port, and URL.

Budibase is an open-source low-code platform. Prior to 3.38.1, Budibase exposes a REST API for datasource management. The route PUT /api/datasources/:datasourceId is registered in the authorizedRoutes group with TABLE/READ permission. This is the same authorization level as the read endpoint GET...

8.8CVSS0.00251EPSS
Exploits0References2
NVD
NVD
added 2026/05/26 9:16 p.m.19 views

CVE-2026-42336

MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a server-side request forgery SSRF bypass in the OSS file service URL fetch functionality due to inconsistent DNS resolution between validation and actual request execution, allowing attackers to access...

5.1CVSS0.00187EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/26 8:22 p.m.23 views

EUVD-2026-31989

MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a server-side request forgery SSRF bypass in the OSS file service URL fetch functionality due to inconsistent DNS resolution between validation and actual request execution, allowing attackers to access...

5.1CVSS5.8AI score0.00187EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 8:22 p.m.10 views

CVE-2026-42336

MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a server-side request forgery SSRF bypass in the OSS file service URL fetch functionality due to inconsistent DNS resolution between validation and actual request execution, allowing attackers to access...

5.1CVSS5.8AI score0.00187EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/26 8:9 p.m.14 views

CVE-2026-42335

MaxKB is an open-source AI assistant for enterprise. Prior to 2.8.1, MaxKB v2.8.0 and prior are vulnerable to a server-side request forgery SSRF bypass in the OSS file service URL fetch chat/api/oss/geturl endpoint. The vulnerability exists due to inconsistent URL parsing between the urlparse...

6.3CVSS5.8AI score0.00232EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/26 8:9 p.m.14 views

EUVD-2026-31983

MaxKB is an open-source AI assistant for enterprise. Prior to 2.8.1, MaxKB v2.8.0 and prior are vulnerable to a server-side request forgery SSRF bypass in the OSS file service URL fetch chat/api/oss/geturl endpoint. The vulnerability exists due to inconsistent URL parsing between the urlparse...

6.3CVSS5.8AI score0.00232EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/26 2:12 p.m.10 views

CVE-2026-41455

WeKan before 8.35 contains a server-side request forgery vulnerability in webhook integration URL handling where the URL scheme field accepts any string without protocol restriction or destination validation. Attackers who can create or modify integrations can set webhook URLs to internal network...

8.5CVSS6AI score0.00236EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/26 1:45 p.m.18 views

CVE-2026-45082 Karakeep has a SSRF Protection Bypass via Redirect Handling

Karakeep is a elf-hostable bookmark-everything app. A Server-Side Request Forgery SSRF protection bypass vulnerability was identified in versions prior to 0.32.0 affecting redirect-following processing components. Although the application implements protections intended to prevent requests toward...

7.6CVSS5.8AI score0.003EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.10 views

PT-2026-42681

Summary A Server-Side Request Forgery SSRF vulnerability in get image info allows any authenticated user to force the server to send HTTP requests to arbitrary internal endpoints, including cloud metadata services e.g., AWS 169.254.169.254. This is a blind SSRF with confirmed internal port scanni...

6.5CVSS5.9AI score0.00032EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Using techniques based on slipstream research, a malicious webpage could scan both the hosts of an internal network and the services running on the user’s local machine, using WebRTC connections. This vulnerability affects Firefox ESR 78.9, Firefox 87, and Thunderbird 78.9...

6.5CVSS7.1AI score0.00743EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/20 1:25 a.m.60 views

CVE-2026-6394 Nexa Blocks <= 1.1.1 - Unauthenticated Blind Server-Side Request Forgery via 'demo_json_file' Parameter

The Nexa Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Server-Side Request Forgery SSRF in versions up to and including 1.1.1. This is due to the importdemo function accepting a user-supplied URL in the demojsonfile POST parameter and...

5.4CVSS0.00316EPSS
Exploits0References7
OSV
OSV
added 2026/05/20 1:3 a.m.8 views

MAL-2026-4543 Malicious code in customerdigital-ui-containers-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a314a5b253dcb30b2781bda216266b7ab1b49b62eec416bd9be07b48ab46a348 On npm install, postinstall.js collects git identity, OS user/uid, hostname, internal network interface addresses, Cloudflare Pages environment...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/05/19 2:44 p.m.8 views

GHSA-Q862-GCGQ-5M6G HAXcms createSite SSRF Enables Arbitrary File Read

Summary An authenticated Server-Side Request Forgery SSRF vulnerability in HAXcms allows users to fetch arbitrary internal or local resources and write the responses to a web-accessible directory, enabling arbitrary file read and internal network access. Details The createSite endpoint in HAXcms...

7.1CVSS5.9AI score0.00238EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/19 12:51 a.m.52 views

CVE-2026-33234 AutoGPT: SendEmailBlock's IP blocklist bypass allows SSRF via user-controlled SMTP server

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions 0.1.0 through 0.6.51, SendEmailBlock in autogptplatform/backend/backend/blocks/emailblock.py accepts a user-supplied smtpserver string and smtpport integer as...

5CVSS0.00304EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.16 views

PT-2026-41763

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions 0.1.0 through 0.6.51, SendEmailBlock in autogpt platform/backend/backend/blocks/email block.py accepts a user-supplied smtp server string and smtp port integer as...

5CVSS5.9AI score0.00304EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.15 views

PT-2026-41975

Name of the Vulnerable Software and Affected Versions HAX CMS versions prior to 26.0.0 Description An authenticated Server-Side Request Forgery SSRF allows users to fetch arbitrary internal or local resources and write the responses to a web-accessible directory, enabling arbitrary file read and...

7.1CVSS5.6AI score0.00238EPSS
Exploits0References6
CVE
CVE
added 2026/05/18 6:40 p.m.19 views

CVE-2026-45231

DumbAssets 1.0.11 is affected by a stored XSS vulnerability in asset fields (name, description, modelNumber, serialNumber, tags) that are stored without server-side sanitization and rendered via innerHTML without client-side escaping. An attacker can create or update assets through asset API endp...

6.1CVSS5.9AI score0.00186EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/18 6:40 p.m.9 views

CVE-2026-45231 DumbAssets 1.0.11 Stored Cross-Site Scripting via Asset Fields

DumbAssets through 1.0.11 contains a stored cross-site scripting vulnerability in asset fields including name, description, modelNumber, serialNumber, and tags that are stored without server-side sanitization and rendered using innerHTML without client-side escaping. Attackers can create or updat...

6.1CVSS5.9AI score0.00186EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/18 6:40 p.m.18 views

EUVD-2026-30792

DumbAssets through 1.0.11 contains a stored cross-site scripting vulnerability in asset fields including name, description, modelNumber, serialNumber, and tags that are stored without server-side sanitization and rendered using innerHTML without client-side escaping. Attackers can create or updat...

6.1CVSS5.9AI score0.00186EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/18 6:40 p.m.34 views

CVE-2026-45231 DumbAssets 1.0.11 Stored Cross-Site Scripting via Asset Fields

DumbAssets through 1.0.11 contains a stored cross-site scripting vulnerability in asset fields including name, description, modelNumber, serialNumber, and tags that are stored without server-side sanitization and rendered using innerHTML without client-side escaping. Attackers can create or updat...

6.1CVSS0.00186EPSS
Exploits0References2
Rows per page
Query Builder