Lucene search
K

112 matches found

NVD
NVD
added 2026/04/20 5:16 a.m.5 views

CVE-2026-6604

A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function parseurl/prepareimage/openaiaudiototext of the file src/agentscope/tool/multimodality/openaitools.py of the component Cloud Metadata Endpoint. Such manipulation of the argument...

7.5CVSS0.00284EPSS
Exploits0References4
CVE
CVE
added 2026/04/20 4:15 a.m.31 views

CVE-2026-6604

The CVE-2026-6604 entry affects modelscope agentscope up to version 1.0.18, specifically the Cloud Metadata Endpoint’s _openai_tools.py functions _parse_url, prepare_image, and openai_audio_to_text. The vulnerability arises from manipulating image_url/audio_file_url, enabling server-side request ...

7.5CVSS6.7AI score0.00284EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/20 4:15 a.m.3 views

CVE-2026-6604

A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function parseurl/prepareimage/openaiaudiototext of the file src/agentscope/tool/multimodality/openaitools.py of the component Cloud Metadata Endpoint. Such manipulation of the argument...

7.5CVSS5.4AI score0.00284EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/20 4:15 a.m.36 views

CVE-2026-6604 modelscope agentscope Cloud Metadata Endpoint _openai_tools.py openai_audio_to_text server-side request forgery

A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function parseurl/prepareimage/openaiaudiototext of the file src/agentscope/tool/multimodality/openaitools.py of the component Cloud Metadata Endpoint. Such manipulation of the argument...

7.5CVSS0.00284EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.7 views

PT-2026-33710

A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function parse url/prepare image/openai audio to text of the file src/agentscope/tool/ multi modality/ openai tools.py of the component Cloud Metadata Endpoint. Such manipulation of the argument...

7.5CVSS5.4AI score0.00284EPSS
Exploits0References5
NVD
NVD
added 2026/04/06 5:17 p.m.3 views

CVE-2026-35037

Ech0 is an open-source, self-hosted publishing platform for personal idea sharing. Prior to 4.2.8, the GET /api/website/title endpoint accepts an arbitrary URL via the websiteurl query parameter and makes a server-side HTTP request to it without any validation of the target host or IP address. Th...

7.2CVSS0.00289EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.8 views

PT-2026-30015

Name of the Vulnerable Software and Affected Versions Ech0 versions prior to 4.2.8 Description The GET /api/website/title endpoint is susceptible to Server-Side Request Forgery SSRF. The endpoint accepts an arbitrary URL via the website url query parameter and makes a server-side HTTP request to ...

7.2CVSS6AI score0.00289EPSS
Exploits2References6
OSV
OSV
added 2026/03/26 8:33 p.m.3 views

GO-2026-4854 DigitalOcean Droplet Agent: Command Injection via Metadata Service Endpoint in github.com/digitalocean/droplet-agent

DigitalOcean Droplet Agent: Command Injection via Metadata Service Endpoint in github.com/digitalocean/droplet-agent...

8.8CVSS5.9AI score0.02502EPSS
Exploits2References6
RedhatCVE
RedhatCVE
added 2026/03/26 3:1 p.m.5 views

CVE-2026-27826

MCP Atlassian is a Model Context Protocol MCP server for Atlassian products Confluence and Jira. Prior to version 0.17.0, an unauthenticated attacker who can reach the mcp-atlassian HTTP endpoint can force the server process to make outbound HTTP requests to an arbitrary attacker-controlled URL b...

8.2CVSS6AI score0.14958EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2026/03/25 12:24 a.m.4 views

SUSE CVE-2026-32828

Kargo manages and automates the promotion of software artifacts. In versions 1.4.0 through 1.6.3, 1.7.0-rc.1 through 1.7.8, 1.8.0-rc.1 through 1.8.11, and 1.9.0-rc.1 through 1.9.4, the http and http-download promotion steps allow Server-Side Request Forgery SSRF against link-local addresses, most...

5.1CVSS5.8AI score0.00328EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/03/23 6:30 p.m.5 views

DigitalOcean Droplet Agent: Command Injection via Metadata Service Endpoint

A command injection vulnerability exists in DigitalOcean Droplet Agent through 1.3.2. The troubleshooting actioner component internal/troubleshooting/actioner/actioner.go processes metadata from the metadata service endpoint and executes commands specified in the TroubleshootingAgent.Requesting...

8.8CVSS6.3AI score0.02502EPSS
Exploits2References6Affected Software1
CVE
CVE
added 2026/03/23 12:0 a.m.39 views

CVE-2026-24516

DigitalOcean Droplet Agent (droplet-agent)

8.8CVSS6.3AI score0.02502EPSS
Exploits2References4
ATTACKERKB
ATTACKERKB
added 2026/03/20 12:39 a.m.3 views

CVE-2026-32828

Kargo manages and automates the promotion of software artifacts. In versions 1.4.0 through 1.6.3, 1.7.0-rc.1 through 1.7.8, 1.8.0-rc.1 through 1.8.11, and 1.9.0-rc.1 through 1.9.4, the http and http-download promotion steps allow Server-Side Request Forgery SSRF against link-local addresses, most...

5.1CVSS5.8AI score0.00328EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/03/20 12:39 a.m.4 views

EUVD-2026-13424

Kargo manages and automates the promotion of software artifacts. In versions 1.4.0 through 1.6.3, 1.7.0-rc.1 through 1.7.8, 1.8.0-rc.1 through 1.8.11, and 1.9.0-rc.1 through 1.9.4, the http and http-download promotion steps allow Server-Side Request Forgery SSRF against link-local addresses, most...

5.1CVSS5.8AI score0.00328EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/20 12:39 a.m.2 views

CVE-2026-32828 Kargo: SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration

Kargo manages and automates the promotion of software artifacts. In versions 1.4.0 through 1.6.3, 1.7.0-rc.1 through 1.7.8, 1.8.0-rc.1 through 1.8.11, and 1.9.0-rc.1 through 1.9.4, the http and http-download promotion steps allow Server-Side Request Forgery SSRF against link-local addresses, most...

5.1CVSS5.8AI score0.00328EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/18 8:22 p.m.5 views

Budibase Unrestricted Server-Side Request Forgery (SSRF) via REST Datasource Query Preview

Summary The REST datasource query preview endpoint POST /api/queries/preview makes server-side HTTP requests to any URL supplied by the user in fields.path with no validation. An authenticated admin can reach internal services that are not exposed to the internet — including cloud metadata...

8.7CVSS5.8AI score0.00367EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/03/16 9:17 p.m.3 views

GHSA-6J68-GCC3-MQ73 Admidio Vulnerable to SSRF and Local File Read via Unrestricted URL Fetch in SSO Metadata Endpoint

Summary The SSO metadata fetch endpoint at modules/sso/fetchmetadata.php accepts an arbitrary URL via $GET'url', validates it only with PHP's FILTERVALIDATEURL, and passes it directly to filegetcontents. FILTERVALIDATEURL accepts file://, http://, ftp://, data://, and php:// scheme URIs. An...

6.8CVSS5.9AI score0.00428EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/03/16 8:47 p.m.8 views

Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration

Summary Kargo's built-in http and http-download promotion steps execute outbound HTTP requests from the Kargo controller. By design, these steps do not restrict destination addresses, as there are legitimate use cases for requests to internal and private endpoints. However, this also permits...

5.1CVSS6AI score0.00328EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/03/11 10:16 p.m.7 views

CVE-2026-32133

2FAuth is a web app to manage Two-Factor Authentication 2FA accounts and generate their security codes. Prior to 6.1.0, a blind SSRF vulnerability exists in 2FAuth that allows authenticated users to make arbitrary HTTP requests from the server to internal networks and cloud metadata endpoints. Th...

9.1CVSS0.00505EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/09 5:42 p.m.4 views

EUVD-2026-10170

Parse Server: File metadata endpoint bypasses beforeFind / afterFind trigger authorization...

6.3CVSS5.8AI score0.00295EPSS
Exploits0References2
Rows per page
Query Builder