163 matches found
CVE-2026-57575
Misskey (open source federated social platform) contains a Server-Side Request Forgery (SSRF) vulnerability in the UrlPreviewService prior to version 2026.6.0. The issue arises from insufficient network restrictions before outbound requests, allowing an attacker to trigger the Misskey server to i...
CVE-2026-57575 Misskey: SSRF bypass in URL Preview
Misskey is an open source, federated social media platform. Prior to 2026.6.0, Misskey contains a Server-Side Request Forgery SSRF vulnerability in URL preview functionality in UrlPreviewService. Due to missing network restrictions before establishing outbound connections, a remote attacker can...
CVE-2026-54821
Subscriber Sensitive Data Exposure in Visual Link Preview = 2.3.1 versions...
EUVD-2026-39363
Subscriber Sensitive Data Exposure in Visual Link Preview = 2.3.1 versions...
CVE-2026-54821
Subscriber Sensitive Data Exposure in Visual Link Preview = 2.3.1 versions...
CVE-2026-54821 WordPress Visual Link Preview plugin <= 2.3.1 - Sensitive Data Exposure vulnerability
Subscriber Sensitive Data Exposure in Visual Link Preview = 2.3.1 versions...
CVE-2026-54821
The CVE-2026-54821 entry concerns the WordPress Visual Link Preview plugin, affected versions are
PT-2026-52410
Name of the Vulnerable Software and Affected Versions Visual Link Preview versions 2.3.1 and earlier Description Subscriber sensitive data exposure occurs in the software, potentially allowing unauthorized access to private information. Recommendations Disable or isolate the software immediately...
WordPress Visual Link Preview plugin <= 2.3.1 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by she11f in WordPress Plugin Visual Link Preview versions = 2.3.1...
CVE-2026-48878
Subscriber Sensitive Data Exposure in Visual Link Preview = 2.4.1 versions...
CVE-2026-48878 WordPress Visual Link Preview plugin <= 2.4.1 - Sensitive Data Exposure vulnerability
Subscriber Sensitive Data Exposure in Visual Link Preview = 2.4.1 versions...
EUVD-2026-36854
Subscriber Sensitive Data Exposure in Visual Link Preview = 2.4.1 versions...
CVE-2026-48878
The CVE-2026-48878 entry describes a Sensitive Data Exposure vulnerability in the WordPress Visual Link Preview plugin up to version 2.4.1. Affected software: WordPress Visual Link Preview plugin (versions
PT-2026-49484
Name of the Vulnerable Software and Affected Versions Visual Link Preview versions prior to 2.4.2 Description An issue in the plugin leads to the exposure of sensitive subscriber data. Recommendations Update to version 2.4.2 or later...
SUSE CVE-2026-11017
Inappropriate implementation in Link Preview in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11017
An inappropriate implementation flaw was found in the Link Preview component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497336872...
CVE-2026-43897
Link Preview JS extracts web links information. Prior to 4.0.1, the library did not check for IPv6 loopback attacks. There was also a DNS attack, where an address could be resolved into an internal IP. This could cause internal data leaks. This vulnerability is fixed in 4.0.1...
Chromium: CVE-2026-11017 Inappropriate implementation in Link Preview
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
EUVD-2026-34466
Inappropriate implementation in Link Preview in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
Linux Distros Unpatched Vulnerability : CVE-2026-11017
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Link Preview in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypas...