CVE-2026-47382

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the connection-test endpoint opened a raw TCP socket to the user-supplied database host without resolving and range-checking the destination, so private and link-local addresses including IPv4-mapped IPv6 forms and...

CVE-2026-47382

CVE-2026-47382 concerns NocoDB, where the connection-test endpoint allowed SSRF by opening a raw TCP socket to a user-supplied database host without DNS resolution and range checks. This could reach private/link-local addresses (including IPv4-mapped IPv6 and localhost) before a fix. The issue is...

CVE-2026-47382 NocoDB: Server-Side Request Forgery via Database Connection Host

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the connection-test endpoint opened a raw TCP socket to the user-supplied database host without resolving and range-checking the destination, so private and link-local addresses including IPv4-mapped IPv6 forms and...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: 6lowpan: resetting the link-local header in the IPv6 receive path The Bluetooth 6lowpan.c netdev module has the headerops function; therefore, it must set the link-local header for the RX skb packet. Otherwise, thin...

CVE-2026-53782

Summarize before 0.17.0 contains a server-side request forgery vulnerability that allows attackers who control a podcast RSS feed to direct the host to fetch transcript content from loopback addresses, link-local addresses, RFC 1918 private ranges, or other reserved destinations by supplying...

EUVD-2026-36308

Summarize before 0.17.0 contains a server-side request forgery vulnerability that allows attackers who control a podcast RSS feed to direct the host to fetch transcript content from loopback addresses, link-local addresses, RFC 1918 private ranges, or other reserved destinations by supplying...

GHSA-5G86-85RP-F9HX Papra HTTP redirect bypass can lead to SSRF via webhook delivery system

Summary Papra's webhook delivery system contains an SSRF protection bypass that allows any authenticated organisation member to cause the server to make HTTP requests to internal addresses — loopback, link-local, and RFC-1918 ranges. The SSRF protection validates the registered webhook URL but...

PT-2026-47080

Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 2026.05.1 Description The 'connection-test' endpoint opens a raw TCP socket to a user-supplied database host without resolving or range-checking the destination. This allows private and link-local addresses, including...

Unity Linux 20.1050e / 20.1070e Security Update: kubernetes (UTSA-2026-017342)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017342 advisory. A half-blind Server Side Request Forgery SSRF vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows...

Lemmy 代码问题漏洞

Lemmy is open-source software developed by Lemmy, used for building social news aggregators and web forums. Versions of Lemmy prior to 0.19.18 had code vulnerabilities. These vulnerabilities stemmed from the lack of mechanisms to reject loops, private links, or link-local targets when creating li...

CVE-2026-41413 Istio Vulnerable to SSRF via RequestAuthentication jwksUri

Istio is an open platform to connect, manage, and secure microservices. Prior to versions 1.28.6 and 1.29.2, when a RequestAuthentication resource is created with a jwksUri pointing to an internal service, istiod makes an unauthenticated HTTP GET request to that URL without filtering out localhos...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: use rcu-safe version of ipv6getlladdr Some time ago 8965779d2c0e "ipv6,mcast: always hold idev-lock before mcalock" switched ipv6getlladdr to ipv6getlladdr, which is rcu-unsafe version. That was OK, because idev-lock...

EUVD-2026-26491

Apache Neethi does not impose any restrictions on URIs when manually fetching remote policy references through the PolicyReference API. When an application explicitly calls the API to retrieve a policy from a remote URI, an outbound request is made for arbitrary protocols and internal IP...

CVE-2026-42404

Apache Neethi does not impose any restrictions on URIs when manually fetching remote policy references through the PolicyReference API. When an application explicitly calls the API to retrieve a policy from a remote URI, an outbound request is made for arbitrary protocols and internal IP...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013047)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013047 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: 6lowpan: reset link-local header on ipv6 recv path Bluetooth 6lowpan.c netdev has...

CVE-2026-34719

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the webhook model was missing a proper validation for loop back addresses, or link-local addresses — only the URL scheme HTTP/HTTPS as well as the hostname was checked. This could end up in retrieving...

CVE-2026-34719

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the webhook model was missing a proper validation for loop back addresses, or link-local addresses — only the URL scheme HTTP/HTTPS as well as the hostname was checked. This could end up in retrieving...

CVE-2026-34719 Zammad has a Server-side request forgery (SSRF) via webhooks

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the webhook model was missing a proper validation for loop back addresses, or link-local addresses — only the URL scheme HTTP/HTTPS as well as the hostname was checked. This could end up in retrieving...

EUVD-2026-20559

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the webhook model was missing a proper validation for loop back addresses, or link-local addresses — only the URL scheme HTTP/HTTPS as well as the hostname was checked. This could end up in retrieving...

PT-2026-31416

Name of the Vulnerable Software and Affected Versions Zammad versions prior to 7.0.1 and prior to 6.5.4 Description Zammad, a web-based open-source helpdesk/customer support system, had insufficient validation in its webhook model for loopback or link-local addresses. Only the URL scheme HTTP/HTT...