4 matches found
CVE-2026-32857
Firecrawl version 2.8.0 and prior contain a server-side request forgery SSRF protection bypass vulnerability in the Playwright scraping service where network policy validation is applied only to the initial user-supplied URL and not to subsequent redirect destinations. Attackers can supply an...
EUVD-2026-16275
Firecrawl version 2.8.0 and prior contain a server-side request forgery SSRF protection bypass vulnerability in the Playwright scraping service where network policy validation is applied only to the initial user-supplied URL and not to subsequent redirect destinations. Attackers can supply an...
CVE-2026-32857
Firecrawl version 2.8.0 and prior contain a server-side request forgery SSRF protection bypass vulnerability in the Playwright scraping service where network policy validation is applied only to the initial user-supplied URL and not to subsequent redirect destinations. Attackers can supply an...
PT-2026-28444
Name of the Vulnerable Software and Affected Versions Firecrawl versions 2.8.0 and earlier Description The software contains a server-side request forgery SSRF protection bypass in the Playwright scraping service. The network policy validation is applied only to the initial URL provided by the us...