Lucene search
K

141 matches found

EUVD
EUVD
added 2026/07/08 12:37 a.m.7 views

EUVD-2026-42106

mem0 contains unauthenticated config API endpoints that expose LLM API keys in plaintext and allow server-side request forgery via attacker-controlled ollamabaseurl parameter. Unauthenticated attackers can retrieve stored secrets like OpenAI API keys via GET /api/v1/config/ or trigger SSRF attack...

9.3CVSS6AI score0.00259EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.8 views

PT-2026-56268

Name of the Vulnerable Software and Affected Versions mem0 affected versions not specified Description Unauthenticated config API endpoints expose LLM API keys in plaintext and enable server-side request forgery SSRF, a technique where an attacker induces the server to make requests to an...

9.3CVSS6.1AI score0.00259EPSS
Exploits0References8
OSV
OSV
added 2026/07/03 8:19 p.m.4 views

CVE-2026-22874 Gitea webhook and migration allow-list filtering permits SSRF

Gitea versions up to and including 1.26.2 have incomplete SSRF protection in webhook and migration allow-list filtering...

9.6CVSS7.1AI score0.00464EPSS
Exploits1References7
OSV
OSV
added 2026/06/26 4:36 p.m.4 views

GHSA-72F5-RR8C-R6GR Fluentd is Vulnerable to Server-Side Request Forgery (SSRF) via Placeholder Expansion in `out_http`

The outhttp output plugin allows the use of placeholders such as $tag in the endpoint configuration parameter. It was discovered that if the placeholder value is derived from untrusted user input, an attacker can maliciously control the destination hostname of the outbound HTTP requests made by...

7.2CVSS6AI score0.00442EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 2:29 p.m.2 views

CVE-2026-57535

Content injected to PDF rendering contexts could, in many places, include HTML content including tags. If the src attribute of these images pointed to an URL, the PDF rendering engine would download the image from that place and display it, thereby leaking information about the rendering server a...

2.1CVSS6AI score0.00308EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/06/23 9:22 p.m.10 views

jackson-databind: InetSocketAddress deserialization triggers eager DNS resolution (SSRF)

Summary JDKFromStringDeserializer constructed InetSocketAddress with new InetSocketAddresshost, port, which performs eager DNS name resolution for hostname inputs at deserialization time. An application that binds untrusted JSON into a type containing an InetSocketAddress field issues an...

5.3CVSS5.9AI score0.00219EPSS
Exploits0References4Affected Software2
EUVD
EUVD
added 2026/06/15 7:28 p.m.12 views

EUVD-2026-32915

PyJWKClient: missing scheme allowlist enables CVE-2024-21643-class SSRF + token forgery via file://, ftp://, data: schemes...

8.8CVSS7.8AI score0.02214EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/11 2:50 p.m.6 views

Security Bulletin: IBM Maximo Scheduler Optimizer uses axios-1.13.5.tgz which is vulnerable to CVE-2025-62718

Summary IBM Maximo Scheduler Optimizer uses axios-1.13.5.tgz which is vulnerable to CVE-2025-62718. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-62718 DESCRIPTION: Axios is a promise based HTTP client for the browser and...

9.9CVSS6.5AI score0.01161EPSS
Exploits1Affected Software1
NVD
NVD
added 2026/06/10 10:17 p.m.9 views

CVE-2026-50131

Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Fedify previously addressed SSRF/internal network access in GHSA-p9cg-vqcc-grcx by adding public URL validation before runtime document and media fetching. However, the IPv4 validation logic present starting...

8.6CVSS0.00269EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.11 views

PT-2026-48548

Name of the Vulnerable Software and Affected Versions Fedify versions 0.11.2 through 1.9.11 Fedify versions 0.11.2 through 1.10.10 Fedify versions 0.11.2 through 2.0.18 Fedify versions 0.11.2 through 2.1.14 Fedify versions 0.11.2 through 2.2.3 Description Fedify is a TypeScript library for buildi...

8.6CVSS6.1AI score0.00269EPSS
Exploits1References7
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 6:38 p.m.8 views

Security Bulletin: Langflow OSS affected by vulnerabilies in Axios versions prior to 1.15.0

Summary Langflow OSS affected by vulnerabilies in Axios versions prior to 1.15.0 Vulnerability Details CVEID:CVE-2025-62718 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 and 0.31.0, Axios does not correctly handle hostname normalization when checki...

9.9CVSS5.5AI score0.01161EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 7:24 p.m.10 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in axios-1.12.2.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerability in axios-1.12.2.tgz Vulnerability Details CVEID:CVE-2025-62718 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 and 0.31.0, Axios does not correctly handle hostname normalization when...

9.9CVSS5.8AI score0.01161EPSS
Exploits1Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.25 views

PT-2026-45022

Name of the Vulnerable Software and Affected Versions vm2 versions prior to 3.11.4 Description NodeVM allows the exclusion of public network builtins from the wildcard builtin option, which blocks direct access to modules such as 'http', 'https', 'http2', 'net', 'dgram', 'tls', 'dns', and...

8.6CVSS5.3AI score0.00282EPSS
Exploits0References6
PyPA
PyPA
added 2026/05/28 4:16 p.m.11 views

PYSEC-0000-CVE-2026-48522

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen which uses Python stdlib's default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no...

4.2CVSS5.9AI score0.00181EPSS
Exploits1References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/28 3:53 p.m.22 views

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (2025-62718)

Summary IBM Security SOAR uses an older version of the Axios component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.10.0 Vulnerability Details CVEID:CVE-2025-62718 DESCRIPTION: Axios i...

9.9CVSS6.4AI score0.01161EPSS
Exploits1Affected Software1
Cvelist
Cvelist
added 2026/05/28 3:0 p.m.41 views

CVE-2026-48522 PyJWKClient: missing scheme allowlist enables SSRF + token forgery via file://, ftp://, data: schemes

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen which uses Python stdlib's default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no...

4.2CVSS0.00181EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/28 3:0 p.m.14 views

CVE-2026-48522

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen which uses Python stdlib's default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no...

4.2CVSS6AI score0.00181EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/05/28 3:0 p.m.2 views

CVE-2026-48522 PyJWKClient: missing scheme allowlist enables SSRF + token forgery via file://, ftp://, data: schemes

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen which uses Python stdlib's default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no...

4.2CVSS6AI score0.00181EPSS
Exploits1References3
OSV
OSV
added 2026/05/27 5:9 p.m.3 views

CVE-2026-45717 Budibase: `PUT /api/datasources/:datasourceId` is protected only by `TABLE/READ` permission instead of builder access, allowing any authenticated app user to overwrite datasource connection parameters including host, port, and URL.

Budibase is an open-source low-code platform. Prior to 3.38.1, Budibase exposes a REST API for datasource management. The route PUT /api/datasources/:datasourceId is registered in the authorizedRoutes group with TABLE/READ permission. This is the same authorization level as the read endpoint GET...

8.8CVSS6.1AI score0.00251EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/25 7:11 p.m.11 views

EUVD-2026-31718

Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16,and 1.7.x before 1.7.1 has Insufficient Cascading Style Sheets CSS sanitization in HTML e-mail messages may lead to SSRF or Information Disclosure, e.g., if stylesheet links point to local network hosts. The issue stems from an insufficient fix fo...

7.2CVSS5.8AI score0.0036EPSS
Exploits0References5
Rows per page
Query Builder