Lucene search
K

135 matches found

Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.7 views

PT-2026-31416

Name of the Vulnerable Software and Affected Versions Zammad versions prior to 7.0.1 and prior to 6.5.4 Description Zammad, a web-based open-source helpdesk/customer support system, had insufficient validation in its webhook model for loopback or link-local addresses. Only the URL scheme HTTP/HTT...

8.3CVSS5.8AI score0.00244EPSS
Exploits0References4
NVD
NVD
added 2026/03/26 9:17 p.m.5 views

CVE-2026-33537

Lychee is a free, open-source photo-management tool. The patch introduced for GHSA-cpgw-wgf3-xc6v SSRF via Photo::fromUrl contains an incomplete IP validation check that fails to block loopback addresses and link-local addresses. Prior to version 7.5.1, an authenticated user can still reach...

5.3CVSS0.0026EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/26 8:1 p.m.21 views

CVE-2026-33537 Lychee has SSRF bypass via incomplete IP validation in Photo::fromUrl — loopback and link-local IPs not blocked

Lychee is a free, open-source photo-management tool. The patch introduced for GHSA-cpgw-wgf3-xc6v SSRF via Photo::fromUrl contains an incomplete IP validation check that fails to block loopback addresses and link-local addresses. Prior to version 7.5.1, an authenticated user can still reach...

5.3CVSS0.0026EPSS
Exploits1References2
OSV
OSV
added 2026/03/26 8:1 p.m.7 views

CVE-2026-33537 Lychee has SSRF bypass via incomplete IP validation in Photo::fromUrl — loopback and link-local IPs not blocked

Lychee is a free, open-source photo-management tool. The patch introduced for GHSA-cpgw-wgf3-xc6v SSRF via Photo::fromUrl contains an incomplete IP validation check that fails to block loopback addresses and link-local addresses. Prior to version 7.5.1, an authenticated user can still reach...

5.3CVSS5.9AI score0.0026EPSS
Exploits1References4
EUVD
EUVD
added 2026/03/26 8:1 p.m.7 views

EUVD-2026-16369

Lychee is a free, open-source photo-management tool. The patch introduced for GHSA-cpgw-wgf3-xc6v SSRF via Photo::fromUrl contains an incomplete IP validation check that fails to block loopback addresses and link-local addresses. Prior to version 7.5.1, an authenticated user can still reach...

5.3CVSS5.8AI score0.0026EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/26 8:1 p.m.6 views

CVE-2026-33537

Lychee is a free, open-source photo-management tool. The patch introduced for GHSA-cpgw-wgf3-xc6v SSRF via Photo::fromUrl contains an incomplete IP validation check that fails to block loopback addresses and link-local addresses. Prior to version 7.5.1, an authenticated user can still reach...

5.3CVSS5.8AI score0.0026EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/03/26 8:1 p.m.24 views

CVE-2026-33537

Lychee (open-source photo management) is affected by an SSRF issue in Photo::fromUrl due to incomplete IP validation that does not block loopback and link-local addresses. Before version 7.5.1, an authenticated user could reach internal services via direct IPs, bypassing all four protection confi...

5.3CVSS5.8AI score0.0026EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.12 views

Lychee 代码问题漏洞

Lychee is a beautiful and easy-to-use photo management system developed by The Lychee Organisation. It is used for managing and sharing photos. Versions of Lychee prior to 7.5.1 had code vulnerabilities; these vulnerabilities stemmed from incomplete IP verification checks, which failed to prevent...

5.3CVSS5.9AI score0.0026EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.8 views

PT-2026-28492

Name of the Vulnerable Software and Affected Versions Lychee versions prior to 7.5.1 Description Lychee is a free, open-source photo-management tool. A flaw exists in the IP validation check within the patch for an SSRF issue related to Photo::fromUrl. This incomplete check fails to block loopbac...

5.3CVSS5.9AI score0.0026EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/03/20 12:39 a.m.3 views

CVE-2026-32828

Kargo manages and automates the promotion of software artifacts. In versions 1.4.0 through 1.6.3, 1.7.0-rc.1 through 1.7.8, 1.8.0-rc.1 through 1.8.11, and 1.9.0-rc.1 through 1.9.4, the http and http-download promotion steps allow Server-Side Request Forgery SSRF against link-local addresses, most...

5.1CVSS5.8AI score0.00328EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/03/20 12:39 a.m.4 views

EUVD-2026-13424

Kargo manages and automates the promotion of software artifacts. In versions 1.4.0 through 1.6.3, 1.7.0-rc.1 through 1.7.8, 1.8.0-rc.1 through 1.8.11, and 1.9.0-rc.1 through 1.9.4, the http and http-download promotion steps allow Server-Side Request Forgery SSRF against link-local addresses, most...

5.1CVSS5.8AI score0.00328EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/16 8:47 p.m.2 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via httprequester.go and httpdownloader.go‎. An attacker can access internal network resources and exfiltrate sensitive data by crafting malicious promotion templates or Promotion resources that trigger...

5.1CVSS5.8AI score0.00328EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/16 8:47 p.m.8 views

Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration

Summary Kargo's built-in http and http-download promotion steps execute outbound HTTP requests from the Kargo controller. By design, these steps do not restrict destination addresses, as there are legitimate use cases for requests to internal and private endpoints. However, this also permits...

5.1CVSS6AI score0.00328EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/03/16 8:47 p.m.8 views

GHSA-J94X-8WCP-X7HM Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration

Summary Kargo's built-in http and http-download promotion steps execute outbound HTTP requests from the Kargo controller. By design, these steps do not restrict destination addresses, as there are legitimate use cases for requests to internal and private endpoints. However, this also permits...

5.1CVSS6AI score0.00328EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.4 views

PT-2026-26462

Name of the Vulnerable Software and Affected Versions Kargo versions 1.4.0 through 1.6.3 Kargo versions 1.7.0-rc.1 through 1.7.8 Kargo versions 1.8.0-rc.1 through 1.8.11 Kargo versions 1.9.0-rc.1 through 1.9.4 Description Kargo's built-in http and http-download promotion steps allow Server-Side...

5.1CVSS5.9AI score0.00328EPSS
Exploits0References7
OSV
OSV
added 2026/01/08 1:57 p.m.4 views

CVE-2026-21885 Miniflux Media Proxy SSRF via /proxy endpoint allows access to internal network resources

Miniflux 2 is an open source feed reader. Prior to version 2.2.16, Miniflux's media proxy endpoint GET /proxy/encodedDigest/encodedURL can be abused to perform Server-Side Request Forgery SSRF. An authenticated user can cause Miniflux to generate a signed proxy URL for attacker-chosen media URLs...

6.5CVSS6.7AI score0.00258EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2025/12/14 9:27 p.m.4 views

CVE-2025-13281

A half-blind Server Side Request Forgery SSRF vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network including link-local ...

5.8CVSS6.5AI score0.00355EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/12/08 9:5 a.m.3 views

Bluetooth: 6lowpan: reset link-local header on ipv6 recv path

...

5.5CVSS6.8AI score0.00171EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/12/08 12:23 a.m.4 views

SUSE CVE-2025-40282

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: 6lowpan: reset link-local header on ipv6 recv path Bluetooth 6lowpan.c netdev has headerops, so it must set link-local header for RX skb, otherwise things crash, eg. with AFPACKET SOCKRAW Add missing skbresetmacheader...

6.5CVSS6.5AI score0.00171EPSS
Exploits0References21
RedhatCVE
RedhatCVE
added 2025/12/07 9:55 p.m.9 views

CVE-2025-40282

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: 6lowpan: reset link-local header on ipv6 recv path Bluetooth 6lowpan.c netdev has headerops, so it must set link-local header for RX skb, otherwise things crash, eg. with AFPACKET SOCKRAW Add missing skbresetmacheader...

5.6AI score0.00171EPSS
Exploits0References4
Rows per page
Query Builder