Lucene search
+L

1981 matches found

Cvelist
Cvelist
added 1 hour ago5 views

CVE-2026-54242 Statamic: Server-Side Request Forgery via Glide (DNS rebinding)

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, the Glide image proxy's URL validation in src/Imaging/RemoteUrlValidator.php and src/Imaging/GuzzleAdapter.php could be bypassed using DNS rebinding. The remote hostname was validated as publicly...

4.9CVSS
Exploits0References5
CVE
CVE
added 1 hour ago24 views

CVE-2026-54242

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, the Glide image proxy's URL validation in src/Imaging/RemoteUrlValidator.php and src/Imaging/GuzzleAdapter.php could be bypassed using DNS rebinding. The remote hostname was validated as publicly...

4.9CVSS5.4AI score
Exploits0References5
Nuclei
Nuclei
added 17 hours ago46 views

MindsDB -DNS Rebinding SSRF Protection Bypass

Detects DNS rebinding vulnerability that allows bypass of SSRF protection. The vulnerability exists in the URL validation mechanism where DNS resolution is performed without considering DNS rebinding attacks. id: CVE-2024-24759 info: name: MindsDB -DNS Rebinding SSRF Protection Bypass author: Lee...

9.3CVSS5.2AI score0.04936EPSS
Exploits1References2
CVE
CVE
added 21 hours ago8 views

CVE-2026-62212

CVE-2026-62212 affects OpenClaw prior to 2026.5.28. A race condition exists in the MS Teams safeFetch DNS rebinding check when the affected feature is enabled and reachable. A lower-trust caller or configured input path could win the timing window between DNS validation and usage, enabling action...

7.1CVSS6.1AI score
Exploits0References2
Cvelist
Cvelist
added 21 hours ago9 views

CVE-2026-62212 OpenClaw < 2026.5.28 Authentication Bypass via safeFetch

OpenClaw before 2026.5.28 contains a race condition in the MS Teams safeFetch DNS rebinding check. When the affected feature is enabled and reachable, a lower-trust caller or configured input path could win a timing window between the DNS validation check and use, allowing actions that should hav...

7.1CVSS
Exploits0References2
NVD
NVD
added 2 days ago7 views

CVE-2026-61430

PraisonAI before 1.6.78 contains a server-side request forgery vulnerability in the webcrawl tool that validates hostnames at check time but re-resolves them at connection time without IP pinning. Attackers can use DNS rebinding to bypass SSRF protection and retrieve internal HTTP response bodies...

8.5CVSS0.00205EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2 days ago6 views

nodejs: Node.js: Silent authority rebinding due to embedded-nul hostnames in TLS handling

A flaw was found in Node.js. This vulnerability in the TLS Transport Layer Security hostname handling allows embedded null characters in hostnames. This can lead to silent authority rebinding, potentially enabling an attacker to redirect network traffic to an unintended server and disclose...

9.8CVSS6.6AI score0.00405EPSS
Exploits0References7
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-61430 PraisonAI before 1.6.78 DNS Rebinding SSRF via web_crawl

PraisonAI before 1.6.78 contains a server-side request forgery vulnerability in the webcrawl tool that validates hostnames at check time but re-resolves them at connection time without IP pinning. Attackers can use DNS rebinding to bypass SSRF protection and retrieve internal HTTP response bodies...

8.5CVSS0.00205EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-44639

PraisonAI before 1.6.78 contains a server-side request forgery vulnerability in the webcrawl tool that validates hostnames at check time but re-resolves them at connection time without IP pinning. Attackers can use DNS rebinding to bypass SSRF protection and retrieve internal HTTP response bodies...

8.5CVSS6.1AI score0.00205EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-43555

CrewAI before 1.15.1 contains a server-side request forgery vulnerability in the validateurl function that performs one-shot DNS resolution and blocklist checks before returning the original URL unchanged. Attackers can bypass the security filter by supplying URLs that redirect to internal...

8.3CVSS6.1AI score0.00287EPSS
Exploits1References6
CVE
CVE
added 4 days ago9 views

CVE-2026-62240

CVE-2026-62240 overview : CrewAI before 1.15.1 is affected by a server-side request forgery in the validate_url function, which performs one-shot DNS resolution and blocklist checks before returning the original URL unchanged. An attacker can bypass the security filter by providing URLs that redi...

8.3CVSS6.1AI score0.00287EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-62240 CrewAI < 1.15.1 SSRF Filter Bypass via HTTP Redirect in Scrape Tools

CrewAI before 1.15.1 contains a server-side request forgery vulnerability in the validateurl function that performs one-shot DNS resolution and blocklist checks before returning the original URL unchanged. Attackers can bypass the security filter by supplying URLs that redirect to internal...

8.3CVSS0.00287EPSS
Exploits1References5
OSV
OSV
added 4 days ago3 views

CVE-2026-62240 CrewAI < 1.15.1 SSRF Filter Bypass via HTTP Redirect in Scrape Tools

CrewAI before 1.15.1 contains a server-side request forgery vulnerability in the validateurl function that performs one-shot DNS resolution and blocklist checks before returning the original URL unchanged. Attackers can bypass the security filter by supplying URLs that redirect to internal...

8.3CVSS6.1AI score0.00287EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 4 days ago5 views

PT-2026-57904

Name of the Vulnerable Software and Affected Versions CrewAI versions prior to 1.15.1 Description A server-side request forgery SSRF issue exists in the validate url function. The function performs one-shot DNS resolution and blocklist checks but returns the original URL unchanged. This allows...

8.3CVSS6.1AI score0.00287EPSS
Exploits1References7
NVD
NVD
added 6 days ago9 views

CVE-2026-61429

PraisonAI versions before 1.6.78 contain a server-side request forgery vulnerability in the Crawl4AI/Chromium backend that allows attackers to bypass SSRF validation by exploiting DNS rebinding and HTTP redirects. Attackers can craft URLs that resolve to internal services after the initial...

8.5CVSS0.00221EPSS
Exploits0References2
CVE
CVE
added 6 days ago24 views

CVE-2026-61429

CVE-2026-61429 affects PraisonAI before 1.6.78. A SSRF in the Crawl4AI/Chromium backend allows bypassing initial validation via DNS rebinding and HTTP redirects, enabling a headless browser to access internal services and read internal responses including sensitive canary values. The CVSS metrics...

8.5CVSS6.1AI score0.00221EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-61429 PraisonAI before 1.6.78 SSRF via Crawl4AI Chromium backend

PraisonAI versions before 1.6.78 contain a server-side request forgery vulnerability in the Crawl4AI/Chromium backend that allows attackers to bypass SSRF validation by exploiting DNS rebinding and HTTP redirects. Attackers can craft URLs that resolve to internal services after the initial...

8.5CVSS0.00221EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago9 views

EUVD-2026-43178

PraisonAI versions before 1.6.78 contain a server-side request forgery vulnerability in the Crawl4AI/Chromium backend that allows attackers to bypass SSRF validation by exploiting DNS rebinding and HTTP redirects. Attackers can craft URLs that resolve to internal services after the initial...

8.5CVSS6.1AI score0.00221EPSS
Exploits0References2
NVD
NVD
added 2026/07/10 6:16 p.m.7 views

CVE-2026-55671

ZITADEL is an open source identity management platform. From 4.0.0-rc.1 through 4.15.1, ZITADEL's HTTP notification channels, OIDC BackChannel Logout, and SAML metadata URL fetches do not consistently validate user-defined URLs against protected denylist handling, allowing server-side requests to...

2.3CVSS0.00252EPSS
Exploits0References3
OSV
OSV
added 2026/07/10 6:1 p.m.2 views

GHSA-489G-7RXV-6C8Q MCP Atlassian: DNS-rebinding TOCTOU bypass of the SSRF fix (CVE-2026-27826)

Summary GHSA-7r34-79r5-rcc9's fix added validateurlforssrf, which resolves the attacker-controlled X-Atlassian-Jira,Confluence-Url header host once at middleware time and trusts the result. But the outbound request is later built with the raw hostname and re-resolves at connect time with no IP...

6.5CVSS6.1AI score
Exploits0References2
Rows per page
Query Builder