103 matches found
CVE-2026-25493 Craft has a SSRF in GraphQL Asset Mutation via HTTP Redirect
Craft is a platform for creating digital experiences. In Craft versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveAsset GraphQL mutation validates the initial URL hostname and resolved IP against a blocklist, but Guzzle follows HTTP redirects by default. An attacker can bypa...
Pydantic AI has Server-Side Request Forgery (SSRF) in URL Download Handling
Summary A Server-Side Request Forgery SSRF vulnerability exists in Pydantic AI's URL download functionality. When applications accept message history from untrusted sources, attackers can include malicious URLs that cause the server to make HTTP requests to internal network resources, potentially...
PT-2026-3516
Name of the Vulnerable Software and Affected Versions Chainlit versions prior to 2.9.4 Description Chainlit versions prior to 2.9.4 have a server-side request forgery SSRF issue in the /project/element update flow when using the SQLAlchemy data layer backend. An authenticated client can control t...
Exploit for CVE-2025-45955
CVE-2025-45955 🕳️ Server-Side Request Forgery in DonWeb Ferozo...
CVE-2025-68437
Craft is a platform for creating digital experiences. In versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16, the Craft CMS GraphQL saveAsset mutation is vulnerable to Server-Side Request Forgery SSRF. This vulnerability arises because the file input, specifically its url parameter,...
CVE-2025-67743
Local Deep Research is an AI-powered research assistant for deep, iterative research. In versions from 1.3.0 to before 1.3.9, the download service downloadservice.py makes HTTP requests using raw requests.get without utilizing the application's SSRF protection saferequests.py. This can allow...
EUVD-2025-204778
Local Deep Research is Vulnerable to Server-Side Request Forgery SSRF in Download Service...
Server-side Request Forgery (SSRF)
Overview local-deep-research is an AI-powered research assistant with deep, iterative analysis using LLMs and web searches Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the downloadservice.py service. An attacker can access internal services and attempt ...
CVE-2025-67743 Local Deep Research is Vulnerable to Server-Side Request Forgery (SSRF) in Download Service
Local Deep Research is an AI-powered research assistant for deep, iterative research. In versions from 1.3.0 to before 1.3.9, the download service downloadservice.py makes HTTP requests using raw requests.get without utilizing the application's SSRF protection saferequests.py. This can allow...
PT-2025-52729
Name of the Vulnerable Software and Affected Versions Local Deep Research versions 1.3.0 through 1.3.8 Description The software is an AI-powered research assistant. A flaw exists in the download service download service.py where HTTP requests are made using raw requests.get calls, bypassing the...
GHSA-5993-7P27-66G5 Langflow vulnerable to Server-Side Request Forgery
Vulnerability Overview Langflow provides an API Request component that can issue arbitrary HTTP requests within a flow. This component takes a user-supplied URL, performs only normalization and basic format checks, and then sends the request using a server-side httpx client. It does not block...
Langflow 安全漏洞
Langflow is a Langflow open source visualization framework for building multi-agent and RAG applications. A security vulnerability exists in Langflow versions prior to 1.7.0 that stems from the API Request component not blocking private IP ranges and cloud metadata endpoints, which could lead to...
CVE-2025-65958 Open WebUI vulnerable to Server-Side Request Forgery (SSRF) via Arbitrary URL Processing in /api/v1/retrieval/process/web
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.37, a Server-Side Request Forgery SSRF vulnerability in Open WebUI allows any authenticated user to force the server to make HTTP requests to arbitrary URLs. This can be exploited to...
GHSA-HHH5-2CVX-VMFP Portkey.ai Gateway: Server-Side Request Forgery (SSRF) in Custom Host
Summary The gateway determines the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch. This can be maliciously used by users for SSRF CWE-918 attack Impact This vulnerabilit...
CVE-2025-64522
Soft Serve is a self-hostable Git server for the command line. Versions prior to 0.11.1 have a SSRF vulnerability where webhook URLs are not validated, allowing repository administrators to create webhooks targeting internal services, private networks, and cloud metadata endpoints. Version 0.11.1...
EUVD-2024-41627
Malicious code in bioql PyPI...
CVE-2024-45843
Mattermost versions 9.5.x = 9.5.8 fail to include the metadata endpoints of Oracle Cloud and Alibaba in the SSRF denylist, which allows an attacker to possibly cause an SSRF if Mattermost was deployed in Oracle Cloud or Alibaba...
CVE-2025-0188 SSRF in gaizhenbiao/chuanhuchatgpt
A Server-Side Request Forgery SSRF vulnerability was discovered in gaizhenbiao/chuanhuchatgpt version 20240914. The vulnerability allows an attacker to construct a response link by saving the response in a folder named after the SHA-1 hash of the target URL. This enables the attacker to access th...
CVE-2025-0188
CVE-2025-0188 concerns a Server-Side Request Forgery (SSRF) in the project gaizhenbiao/chuanhuchatgpt, version 20240914. The described flaw allows an attacker to craft a response link by saving content to a folder named after the SHA-1 hash of the target URL, which can enable direct access to the...
Server Side Request Forgery (SSRF)
Mattermost is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to the omission of Oracle Cloud and Alibaba's metadata endpoints from the SSRF denylist, allowing attackers to exploit this gap for unauthorized requests...