Lucene search
K

18 matches found

Debian CVE
Debian CVE
added 2026/06/11 3:29 p.m.6 views

CVE-2026-44492

Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, Axios does not normalise IPv4-mapped IPv6 addresses. When NOPROXY lists an IPv4 address such as 127.0.0.1 or 169.254.169.254, a request URL using the IPv4-mapped IPv6 form ::ffff:7f00:1, ::ffff:a9fe:a9fe...

8.6CVSS5.3AI score0.00921EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.15 views

Node.js Module axios < 0.32.0 / 1.x < 1.16.0 NO_PROXY Bypass (SSRF)

The version of the axios Node.js module installed on the remote host is prior to 0.32.0 or 1.x prior to 1.16.0. It is, therefore, affected by the following vulnerability: - shouldBypassProxy, introduced in v1.15.0 to fix CVE-2025-62718, does not normalise IPv4-mapped IPv6 addresses. When NOPROXY...

8.6CVSS5.4AI score0.00921EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.15 views

PT-2026-44923

Name of the Vulnerable Software and Affected Versions MoviePilot version v2 Description An issue exists in the image proxy endpoint '/api/v1/system/img/proxy' that allows authenticated attackers to request arbitrary URLs. By providing a resource token cookie and a URL with a domain that matches t...

7.7CVSS5.9AI score0.0025EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.17 views

PT-2026-41397

Name of the Vulnerable Software and Affected Versions Budibase versions prior to 3.38.1 Description The REST datasource integration in the packages/server/src/integrations/rest.ts file follows HTTP redirects without re-validating the target URL against the IP blacklist. This allows an authenticat...

7.7CVSS5.8AI score0.00258EPSS
Exploits0References5
NVD
NVD
added 2026/05/14 4:16 p.m.16 views

CVE-2026-42592

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, FilterOutboundURL resolves the hostname, checks the resolved IPs against the private-address deny-list, and returns only the error. It discards the resolved addresses. Chromium later performs its own DNS resolution when i...

5.3CVSS0.00186EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/11 9:37 a.m.5 views

CVE-2025-8325

The software fails to enforce role-based access controls for certain Gateway API invocations. Users with the 'Internal/Everyone' role can invoke these APIs, bypassing intended permission checks. This same vulnerability also affects Internal Service APIs, potentially exposing them in WSO2 APIM 3.x...

6.3CVSS5.8AI score0.00174EPSS
Exploits0References2Affected Software6
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.15 views

PT-2026-37104

Name of the Vulnerable Software and Affected Versions Gotenberg versions 8.30.1 and earlier Description Gotenberg is an API-based document conversion tool. The default private-IP deny-lists for the --webhook-deny-list and --api-download-from-deny-list flags use a case-sensitive regular expression...

7.8CVSS5.8AI score0.00463EPSS
Exploits1References12
EUVD
EUVD
added 2026/04/22 12:31 a.m.7 views

EUVD-2026-24554

A server-side request forgery SSRF vulnerability was identified in GitHub Enterprise Server that allowed an attacker to extract sensitive environment variables from the instance through a timing side-channel attack against the notebook rendering service. When private mode was disabled, the notebo...

9.5CVSS5.8AI score0.00328EPSS
Exploits0References8
Snyk
Snyk
added 2026/04/17 6:31 a.m.5 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF through the ValidateHTTP01Challenge and ValidateTLSALPN01Challenge validation paths in builtin/logical/pki/acmechallenges.go. An attacker can make the ACME validator connect to loopback, link-local,...

8.6CVSS5.7AI score0.00332EPSS
Exploits0References2
OSV
OSV
added 2026/04/15 7:43 p.m.4 views

GHSA-MVVV-V22X-XQWP NocoBase has SSRF in Workflow HTTP Request and Custom Request Plugins

Summary NocoBase's workflow HTTP request plugin and custom request action plugin make server-side HTTP requests to user-provided URLs without any SSRF protection. An authenticated user can access internal network services, cloud metadata endpoints, and localhost. Vulnerable Code 1. Workflow HTTP...

6.5CVSS6AI score0.00384EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.9 views

MCP Server Kubernetes 安全漏洞

MCP Server Kubernetes is a Kubernetes management server developed by Suyog Sonwalkar. Versions of MCP Server Kubernetes prior to 3.4.0 have security vulnerabilities. These vulnerabilities stem from parameter injection issues in the port-forward tool, which may lead to exposure of internal...

8.3CVSS5.8AI score0.00258EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/07 7:2 p.m.5 views

EUVD-2026-19869

OpenObserve is a cloud-native observability platform. In 0.70.3 and earlier, the validateenrichmenturl function in src/handler/http/request/enrichmenttable/mod.rs fails to block IPv6 addresses because Rust's url crate returns them with surrounding brackets e.g. "::1" not "::1". An authenticated...

7.7CVSS5.9AI score0.00265EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.6 views

PT-2026-26786

Name of the Vulnerable Software and Affected Versions AVideo versions up to and including 26.0 Description AVideo, an open source video platform, contains an unauthenticated server-side request forgery SSRF vulnerability in the plugin/Live/test.php file. This allows a remote user to make the AVid...

9.3CVSS5.8AI score0.00442EPSS
Exploits1References12
Github Security Blog
Github Security Blog
added 2025/12/08 10:19 p.m.8 views

ZITADEL Vulnerable to Unauthenticated Full-Read SSRF via V2 Login

Summary Zitadel is vulnerable to an unauthenticated, full-read SSRF vulnerability. An unauthenticated remote attacker can force Zitadel into making HTTP requests to arbitrary domains, including internal addresses. The server then returns the upstream response to the attacker, enabling data...

9.3CVSS7.1AI score0.0046EPSS
Exploits2References4Affected Software2
Github Security Blog
Github Security Blog
added 2025/10/01 9:20 p.m.14 views

marimo vulnerable to proxy abuse of /mpl/{port}/

Summary The /mpl// endpoint, which is accessible without authentication on default Marimo installations allows for external attackers to reach internal services and arbitrary ports. Details From our understanding, this route is used internally to provide access to interactive matplotlib...

7.7AI score
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/19 6:47 p.m.4 views

CVE-2025-34201 Vasion Print (formerly PrinterLogic) Lack of Network Segmentation Between Docker Instances

Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA and SaaS deployments run many Docker containers on shared internal networks without firewalling or segmentation between instances. A compromise of any single container allows direct access to internal services HTTP, Redi...

8.5CVSS6.5AI score0.00271EPSS
Exploits1References4
OSV
OSV
added 2025/06/30 5:52 p.m.3 views

GHSA-373J-MHPF-84WG Janssen Config API returns results without scope verification

Impact What kind of vulnerability is it? Who is impacted? The configAPI is an internal service and hence should never be exposed to the internet. With that said, this is a serious vulnerability that has a large internal surface attack area that exposes all sorts of information from the IDP...

8.2CVSS6.8AI score0.00343EPSS
Exploits0References7
OSV
OSV
added 2025/03/08 1:15 p.m.5 views

CVE-2024-13924

The Starter Templates by FancyWP plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 2.0.0 via the 'httprequesthostisexternal' filter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations...

9.1CVSS7.4AI score0.00397EPSS
Exploits0References2
Rows per page
Query Builder