14 matches found
CVE-2026-44015 Nginx UI: Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware Allows Access to Internal Services
Nginx UI is a web user interface for the Nginx web server. In 2.3.4 and earlier, an authenticated user can perform Server-Side Request Forgery (SSRF) by creating a cluster node pointing to an arbitrary internal URL and then sending API requests with the X-Node-ID header. The Proxy middleware forwar...
CVE-2026-44015 Nginx UI: Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware Allows Access to Internal Services
Nginx UI is a web user interface for the Nginx web server. In 2.3.4 and earlier, an authenticated user can perform Server-Side Request Forgery (SSRF) by creating a cluster node pointing to an arbitrary internal URL and then sending API requests with the X-Node-ID header. The Proxy middleware forwar...
CVE-2026-44015
CVE-2026-44015 describes SSRF in Nginx UI prior to 2.3.5 where an authenticated user can create a cluster node with an internal URL and trigger the Proxy middleware to forward requests using the X-Node-ID header, bypassing network segmentation and reaching localhost/internal services (including c...
Nginx UI code issue vulnerability
Nginx UI is a web interface for Nginx developed by Jacky. Versions of Nginx UI 2.3.4 and earlier have code vulnerabilities. This vulnerability allows authenticated users to create cluster nodes that point to arbitrary internal URLs and send API requests with the X-Node-ID header, resulting in SSR...
Server-side Request Forgery (SSRF)
Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the Proxy process. An attacker can access internal services, retrieve sensitive cloud metadata, port-scan internal networks, or trigger internal-only endpoints by creating a cluster node with an...
Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services
An authenticated user can perform Server-Side Request Forgery (SSRF) by creating a cluster node pointing to an arbitrary internal URL and then sending API requests with the X-Node-ID header. The Proxy middleware forwards these requests to the attacker-specified internal address, bypassing network...
Malicious Package
Overview: node-header-api is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in node-header-api (npm)
The package node-header-api was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 737c7084e5d219ef029433bcf771c92777fbd570a1b9a22699d7e503ce664e7a Any computer that has this package installed or running should be considered fully...
MAL-2025-47080 Malicious code in node-header-api (npm)
The package node-header-api was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 737c7084e5d219ef029433bcf771c92777fbd570a1b9a22699d7e503ce664e7a Any computer that has this package installed or running should be considered fully...
SUSE CVE-2019-16226
An issue was discovered in py-lmdb 0.97. mdb_node_del does not validate a memmove in the case of an unexpected node->mn_hi, leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker...
Joplin cross-site scripting vulnerability
Joplin is an open source notes and to-do list application. A security vulnerability exists in Joplin version v2.8.8, which stems from the fact that an attacker can execute arbitrary commands by injecting a crafted payload into a Node header...
GHSA-G7Q5-PJJR-GQVP Regular Expression Denial of Service in tough-cookie
Affected versions of tough-cookie are susceptible to a regular expression denial of service. The amplification on this vulnerability is relatively low - it takes around 2 seconds for the engine to execute on a malicious input which is 50,000 characters in length. If node was compiled using the...
Drupal Webform module cross-site scripting vulnerability (CNVD-2015-03861)
Drupal is a free and open source content management system developed in PHP. webform is a market research questionnaire module. A cross-site scripting vulnerability exists in the Drupal Webform module processing node header, which allows remote attackers to exploit the vulnerability to inject...
Drupal Quizzler Module Cross-Site Scripting Vulnerability
The Drupal Quizzler module is a Drupal module for creating online tests. A cross-site scripting vulnerability exists in Drupal Quizzler module versions prior to 7-x.1.16. This allows an authenticated, remote attacker to inject arbitrary web script or HTML via a node header...