Lucene search
K

1760 matches found

Vulnrichment
Vulnrichment
added 2026/05/28 7:10 p.m.13 views

CVE-2026-49129 Music Player Daemon < 0.24.11 SSRF via CurlInputPlugin

Music Player Daemon MPD before version 0.24.11 contains a server-side request forgery vulnerability in CurlInputPlugin where CURLOPTFOLLOWLOCATION is set without CURLOPTREDIRPROTOCOLSSTR, allowing unauthenticated attackers to bypass the http/https scheme restriction by causing a malicious HTTP...

6.9CVSS5.8AI score0.00281EPSS
Exploits0References7
NVD
NVD
added 2026/05/27 6:16 p.m.17 views

CVE-2026-45548

Budibase is an open-source low-code platform. Prior to 3.34.8, the processUrlFile function in packages/server/src/automations/steps/ai/extract.ts uses fetchfileUrl directly without the IP blacklist validation that is consistently applied to all other automation steps. This allows an authenticated...

7.7CVSS0.00258EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/27 5:12 p.m.15 views

CVE-2026-48148 Budibase: Unvalidated VectorDB Host Parameter Enables SSRF

Budibase is an open-source low-code platform. Prior to 3.35.3, the VectorDB configuration endpoint in Budibase accepts a host parameter that undergoes no validation against internal IP ranges, reserved hostnames, or URL schemes. Any authenticated user with builder-level access can supply an...

5.3CVSS5.9AI score0.00226EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 5:11 p.m.22 views

CVE-2026-45548

The CVE-2026-45548 entries describe a Server-Side Request Forgery (SSRF) in Budibase where processUrlFile (AI Extract File step) calls fetch(fileUrl) without the IP blacklist, bypassing protections used by other automation steps. This allowed an authenticated builder to trigger server-side reques...

7.7CVSS5.8AI score0.00258EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/27 5:11 p.m.12 views

CVE-2026-45548

Budibase is an open-source low-code platform. Prior to 3.34.8, the processUrlFile function in packages/server/src/automations/steps/ai/extract.ts uses fetchfileUrl directly without the IP blacklist validation that is consistently applied to all other automation steps. This allows an authenticated...

7.7CVSS5.8AI score0.00258EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/27 5:11 p.m.9 views

CVE-2026-45548 Budibase: SSRF in AI Extract File Automation Step via Missing IP Blacklist Validation

Budibase is an open-source low-code platform. Prior to 3.34.8, the processUrlFile function in packages/server/src/automations/steps/ai/extract.ts uses fetchfileUrl directly without the IP blacklist validation that is consistently applied to all other automation steps. This allows an authenticated...

7.7CVSS5.8AI score0.00258EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 5:11 p.m.11 views

EUVD-2026-32604

Budibase is an open-source low-code platform. Prior to 3.34.8, the processUrlFile function in packages/server/src/automations/steps/ai/extract.ts uses fetchfileUrl directly without the IP blacklist validation that is consistently applied to all other automation steps. This allows an authenticated...

7.7CVSS5.8AI score0.00258EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 5:9 p.m.13 views

EUVD-2026-32601

Budibase is an open-source low-code platform. Prior to 3.38.1, Budibase exposes a REST API for datasource management. The route PUT /api/datasources/:datasourceId is registered in the authorizedRoutes group with TABLE/READ permission. This is the same authorization level as the read endpoint GET...

8.8CVSS6AI score0.00251EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/27 5:9 p.m.43 views

CVE-2026-45717 Budibase: `PUT /api/datasources/:datasourceId` is protected only by `TABLE/READ` permission instead of builder access, allowing any authenticated app user to overwrite datasource connection parameters including host, port, and URL.

Budibase is an open-source low-code platform. Prior to 3.38.1, Budibase exposes a REST API for datasource management. The route PUT /api/datasources/:datasourceId is registered in the authorizedRoutes group with TABLE/READ permission. This is the same authorization level as the read endpoint GET...

8.8CVSS0.00251EPSS
Exploits0References2
NVD
NVD
added 2026/05/26 9:16 p.m.19 views

CVE-2026-42336

MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a server-side request forgery SSRF bypass in the OSS file service URL fetch functionality due to inconsistent DNS resolution between validation and actual request execution, allowing attackers to access...

5.1CVSS0.00187EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/26 8:22 p.m.22 views

EUVD-2026-31989

MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a server-side request forgery SSRF bypass in the OSS file service URL fetch functionality due to inconsistent DNS resolution between validation and actual request execution, allowing attackers to access...

5.1CVSS5.8AI score0.00187EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 8:22 p.m.10 views

CVE-2026-42336

MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a server-side request forgery SSRF bypass in the OSS file service URL fetch functionality due to inconsistent DNS resolution between validation and actual request execution, allowing attackers to access...

5.1CVSS5.8AI score0.00187EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/26 8:9 p.m.14 views

CVE-2026-42335

MaxKB is an open-source AI assistant for enterprise. Prior to 2.8.1, MaxKB v2.8.0 and prior are vulnerable to a server-side request forgery SSRF bypass in the OSS file service URL fetch chat/api/oss/geturl endpoint. The vulnerability exists due to inconsistent URL parsing between the urlparse...

6.3CVSS5.8AI score0.00232EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/26 8:9 p.m.13 views

EUVD-2026-31983

MaxKB is an open-source AI assistant for enterprise. Prior to 2.8.1, MaxKB v2.8.0 and prior are vulnerable to a server-side request forgery SSRF bypass in the OSS file service URL fetch chat/api/oss/geturl endpoint. The vulnerability exists due to inconsistent URL parsing between the urlparse...

6.3CVSS5.8AI score0.00232EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/26 2:12 p.m.8 views

CVE-2026-41455

WeKan before 8.35 contains a server-side request forgery vulnerability in webhook integration URL handling where the URL scheme field accepts any string without protocol restriction or destination validation. Attackers who can create or modify integrations can set webhook URLs to internal network...

8.5CVSS6AI score0.00236EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/26 1:45 p.m.18 views

CVE-2026-45082 Karakeep has a SSRF Protection Bypass via Redirect Handling

Karakeep is a elf-hostable bookmark-everything app. A Server-Side Request Forgery SSRF protection bypass vulnerability was identified in versions prior to 0.32.0 affecting redirect-following processing components. Although the application implements protections intended to prevent requests toward...

7.6CVSS5.8AI score0.003EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.10 views

PT-2026-42681

Summary A Server-Side Request Forgery SSRF vulnerability in get image info allows any authenticated user to force the server to send HTTP requests to arbitrary internal endpoints, including cloud metadata services e.g., AWS 169.254.169.254. This is a blind SSRF with confirmed internal port scanni...

6.5CVSS5.9AI score0.00032EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Using techniques based on slipstream research, a malicious webpage could scan both the hosts of an internal network and the services running on the user’s local machine, using WebRTC connections. This vulnerability affects Firefox ESR 78.9, Firefox 87, and Thunderbird 78.9...

6.5CVSS7.1AI score0.00743EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/20 1:25 a.m.59 views

CVE-2026-6394 Nexa Blocks <= 1.1.1 - Unauthenticated Blind Server-Side Request Forgery via 'demo_json_file' Parameter

The Nexa Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Server-Side Request Forgery SSRF in versions up to and including 1.1.1. This is due to the importdemo function accepting a user-supplied URL in the demojsonfile POST parameter and...

5.4CVSS0.00316EPSS
Exploits0References7
OSV
OSV
added 2026/05/20 1:3 a.m.8 views

MAL-2026-4543 Malicious code in customerdigital-ui-containers-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a314a5b253dcb30b2781bda216266b7ab1b49b62eec416bd9be07b48ab46a348 On npm install, postinstall.js collects git identity, OS user/uid, hostname, internal network interface addresses, Cloudflare Pages environment...

5.8AI score
Exploits0References2
Rows per page
Query Builder