CVE-2026-4789 CVE-2026-4789

Kyverno, versions 1.16.0 and later, are vulnerable to SSRF due to unrestricted CEL HTTP functions...

CVE-2026-4789

CVE-2026-4789 : Kyverno versions >=1.16.0 are vulnerable to SSRF via the CEL HTTP library used in CEL-based policies. The issue stems from the http.Get/http.Post functions in pkg/cel/libs/http/http.go not enforcing URL restrictions, enabling an attacker with namespace-scoped policy creation pe...

CVE-2026-29925

Invoice Ninja v5.12.46 and v5.12.48 is vulnerable to Server-Side Request Forgery SSRF in CheckDatabaseRequest.php...

EUVD-2026-17133

In KubePlus 4.1.4, the mutating webhook and kubeconfiggenerator components have an SSRF vulnerability when processing the chartURL field of ResourceComposition resources. The field is only URL-encoded without validating the target address. More critically, when kubeconfiggenerator uses wget to...

CVE-2026-5126

A flaw has been found in SourceCodester RSS Feed Parser 1.0. Affected by this issue is the function filegetcontents. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been published and may be used...

FHIR Validator HTTP service has SSRF via /loadIG Chains with startsWith() Credential Leak for Authentication Token Theft

Summary The FHIR Validator HTTP service exposes an unauthenticated /loadIG endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined with a startsWith URL prefix matching flaw in the credential provider ManagedWebAccessUtils.getServer, an attacker can steal authentication...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the /loadIG endpoint, which accepts user-supplied URLs and makes server-side HTTP requests without proper validation of hostnames, schemes, or domains. An attacker can probe internal network services...

CVE-2026-29954

In KubePlus 4.1.4, the mutating webhook and kubeconfiggenerator components have an SSRF vulnerability when processing the chartURL field of ResourceComposition resources. The field is only URL-encoded without validating the target address. More critically, when kubeconfiggenerator uses wget to...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF through the OCI registry token exchange function when the realm URL from the WWW-Authenticate header is not validated for scheme, hostname, or IP range. An attacker can cause the application to make...

CVE-2026-2286

CrewAI contains a server-side request forgery vulnerability that enables content acquisition from internal and cloud services, facilitated by the RAG search tools not properly validating URLs provided at runtime...

CVE-2026-2286 CVE-2026-2286

CrewAI contains a server-side request forgery vulnerability that enables content acquisition from internal and cloud services, facilitated by the RAG search tools not properly validating URLs provided at runtime...

CVE-2026-4315

WatchGuard Fireware OS WebUI CSRF leads to DoS when an authenticated admin visits a malicious page. Affected versions are Fireware OS 11.8–11.12.4+541730, 12.0–12.11.8, and 2025.1–2026.1.2. No exploit details or mitigations are provided here; refer to the watchdog advisory (WGSA-2026-00006) for g...

PT-2026-29023

I’ve added a new entry to my CVE list , CVE number 1️⃣ 3️⃣ . CVE-2026-4315 The issue is a Cross-Site Request Forgery CSRF in the Fireware OS Web UI that can allow a remote attacker to trigger a denial-of-service DoS condition by luring an authenticated administrator into visiting a malicious page...

PT-2026-29093

A flaw has been found in SourceCodester RSS Feed Parser 1.0. Affected by this issue is the function file get contents. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been published and may be used...

PT-2026-29059

In KubePlus 4.1.4, the mutating webhook and kubeconfiggenerator components have an SSRF vulnerability when processing the chartURL field of ResourceComposition resources. The field is only URL-encoded without validating the target address. More critically, when kubeconfiggenerator uses wget to...

FHIR Validator HTTP service has SSRF via /loadIG Chains with startsWith() Credential Leak for Authentication Token Theft

The FHIR Validator HTTP service exposes an unauthenticated /loadIG endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined with a startsWith URL prefix matching flaw in the credential provider ManagedWebAccessUtils.getServer, an attacker can steal authentication tokens...

Spring AI 1.0.x < 1.0.5 / 1.1.x < 1.1.4 Multiple Vulnerabilities

The version of Spring AI installed on the remote host is 1.0.x prior to 1.0.5 or 1.1.x prior to 1.1.4. It is, therefore, affected by multiple vulnerabilities, including: - A SpEL injection vulnerability exists in SimpleVectorStore when a user-supplied value is used as a filter expression key. A...

Debian dla-4517 : roundcube - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4517 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4517-1 [email protected] https://www.debian.org/lts/security/...

CVE-2026-5016

A vulnerability was identified in elecV2 elecV2P up to 3.8.3. This affects the function eAxios of the file /mock of the component URL Handler. Such manipulation of the argument req leads to server-side request forgery. It is possible to launch the attack remotely. The exploit is publicly availabl...

CVE-2026-0560

A Server-Side Request Forgery SSRF vulnerability exists in parisneo/lollms versions prior to 2.2.0, specifically in the /api/files/export-content endpoint. The downloadimagetotemp function in backend/routers/files.py fails to validate user-controlled URLs, allowing attackers to make arbitrary HTT...