CVE-2026-43985 Taultulli has CSRF in /configUpdate via missing anti-CSRF and method restriction that allows admin credential takeover

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose configUpdate as a state-changing administrator endpoint, but the route does not enforce POST and does not use any anti-CSRF token. In the default form and JWT-based authentication mode,...

PT-2026-46259

Name of the Vulnerable Software and Affected Versions Tautulli versions prior to 2.17.1 Description Tautulli contains a Server-Side Request Forgery SSRF issue where a public endpoint '/image/' resolves entries from image hash lookup and processes them using the same server-side image fetch logic ...

Kibana 9.3.x < 9.3.3 SSRF (ESA-2026-40)

The version of Kibana installed on the remote host is 9.3.x prior to 9.3.3. It is, therefore, affected by a vulnerability as referenced in the ESA-2026-40 advisory. - Server-Side Request Forgery CWE-918 in Kibana can allow an authenticated user with connector management privileges to bypass the...

JetBrains TeamCity < 2025.11.5 Multiple Vulnerabilities

The version of JetBrains TeamCity installed on the remote host is prior to 2025.11.5. It is, therefore, affected by multiple vulnerabilities: - In JetBrains TeamCity before 2026.1, 2025.11.5 authenticated users could expose server API to unauthorised access CVE-2026-44413 - In JetBrains TeamCity...

Server-side Request Forgery (SSRF)

Overview docling-core is an A python library to define and validate data types in Docling. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the resolveremotefilename function, which processes headers from remote requests. An attacker can access sensitive fil...

Server-side Request Forgery (SSRF)

Overview docling is a SDK and CLI for parsing PDF, DOCX, HTML, and more, to a unified document representation for powering downstream workflows such as gen AI applications. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the HTML rendering process when the...

CVE-2026-20230

A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...

WordPress Plugin "Zoho Mail for WordPress" vulnerable to cross-site request forgery

Overview WordPress Plugin "Zoho Mail for WordPress" provided by Zoho Corporation contains the following vulnerability. Cross-site request forgery CWE-352 - CVE-2026-8174 Norio Abe reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

Desktop Commander MCP 安全漏洞

Desktop Commander MCP is an MCP server developed by Eduard Ruzga. Version 0.2.37 of Desktop Commander MCP contains a security vulnerability. This vulnerability stems from the handling of the url parameter in the readFileFromUrl function found in the src/tools/filesystem.ts file. This vulnerabilit...

PT-2026-46100

Impact In versions = 1.5.0, = 2.74.1 Workarounds If upgrading is not immediately possible, avoid passing untrusted URLs into remote fetch functionality. References - Fix release: v2.74.1...

CVE-2026-9732

The EmergencyWP – Dead Man's switch & legacy deliverance plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.2. This is due to missing or incorrect nonce validation on the formsettingsui settings save handler, procedural include scope functio...

CVE-2026-9732

The CVE concerns the WordPress plugin “EmergencyWP – Dead Man's switch & legacy deliverance” up to version 1.4.2. The root cause is missing or incorrect nonce validation in the form_settings_ui (settings save handler) function, enabling Cross-Site Request Forgery. This allows unauthenticated atta...

CVE-2026-10662

A vulnerability was found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The affected element is the function requests.get of the file src/blendermcp/server.py of the component ZIP File Handler. The manipulation of the argument zipfileurl results in server-side request...

CVE-2026-49120

Medplum before 5.1.14 contains a server-side request forgery vulnerability in the subscription worker that allows authenticated users to perform unauthorized internal network requests by creating FHIR Subscription resources with arbitrary endpoint URLs. Attackers can point subscription endpoints ...

CVE-2026-49120 Medplum < 5.1.14 SSRF via FHIR Subscription Endpoint

Medplum before 5.1.14 contains a server-side request forgery vulnerability in the subscription worker that allows authenticated users to perform unauthorized internal network requests by creating FHIR Subscription resources with arbitrary endpoint URLs. Attackers can point subscription endpoints ...

CVE-2026-10240

A vulnerability was identified in JeecgBoot up to 3.9.2. The impacted element is an unknown function of the file /airag/airagModel/test. The manipulation of the argument baseUrl leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit is publicly...

CVE-2026-8993

D.Launcher 2 component of Slovak eID client ecosystem contains Improper URL Handler Processing vulnerability. Application registers multiple custom URL handlers that could be exploited to initiate full NTLM autentication or SMB connection to attacker infrastructure and to conduct SSRF Server Side...

CVE-2026-9722 Laiser Tag <= 1.2.5 - Cross-Site Request Forgery to Plugin Settings Update via Settings Form

The Laiser Tag plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.5. This is due to missing or incorrect nonce validation on the addOptionsPageFields function. This makes it possible for unauthenticated attackers to update the plugin's...

CVE-2026-9722

The CVE-2026-9722 entry concerns the WordPress plugin Laiser Tag, affected versions ≤ 1.2.5. The root cause is missing or incorrect nonce validation in the addOptionsPageFields function, enabling Cross-Site Request Forgery. This allows unauthenticated attackers to modify plugin settings (API key,...

EUVD-2026-33899

The Laiser Tag plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.5. This is due to missing or incorrect nonce validation on the addOptionsPageFields function. This makes it possible for unauthenticated attackers to update the plugin's...