Lucene search
+L

2042 matches found

CVE
CVE
added 2026/05/29 1:48 p.m.30 views

CVE-2026-45609

CVE-2026-45609 concerns the mcp-security component of Spring AI, where unvalidated URL fetching enables SSRF prior to version 0.1.9. The vulnerability affects installations with Dynamic Client Registration (DCR) enabled and involves processing untrusted URLs used for OAuth-related discovery and m...

7.2CVSS5.8AI score0.00198EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/29 1:48 p.m.11 views

CVE-2026-45609 mcp-security: Unvalidated URL Fetching (SSRF)

mcp-security provides Security and Authorization support for Model Context Protocol in Spring AI. Prior to 0.1.9, the mcp-security framework fails to implement the mandatory SSRF mitigations outlined in the Model Context Protocol MCP security specifications. Specifically, it processes untrusted...

7.2CVSS5.8AI score0.00198EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 1:48 p.m.14 views

CVE-2026-45609

mcp-security provides Security and Authorization support for Model Context Protocol in Spring AI. Prior to 0.1.9, the mcp-security framework fails to implement the mandatory SSRF mitigations outlined in the Model Context Protocol MCP security specifications. Specifically, it processes untrusted...

7.2CVSS5.8AI score0.00198EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/29 9:38 a.m.24 views

CVE-2026-9557

CVE-2026-9557 describes a Server-Side Request Forgery (SSRF) in Mautic’s Focus component. The root cause is insufficient validation of user-supplied URLs, allowing an authenticated user to cause the hosting server to perform outbound HTTP requests. This can enable internal network reconnaissance ...

6.4CVSS5.9AI score0.00138EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.17 views

PT-2026-44979

Name of the Vulnerable Software and Affected Versions FastGPT versions prior to 4.15.0-beta1 Description An authenticated attacker can bypass the global isInternalAddress network protection to make arbitrary HTTP GET requests to internal network services. This occurs due to an incomplete fix in t...

7.7CVSS5.9AI score0.00263EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/28 7:10 p.m.36 views

CVE-2026-49129 Music Player Daemon < 0.24.11 SSRF via CurlInputPlugin

Music Player Daemon MPD before version 0.24.11 contains a server-side request forgery vulnerability in CurlInputPlugin where CURLOPTFOLLOWLOCATION is set without CURLOPTREDIRPROTOCOLSSTR, allowing unauthenticated attackers to bypass the http/https scheme restriction by causing a malicious HTTP...

6.9CVSS0.00281EPSS
Exploits0References7
OSV
OSV
added 2026/05/28 4:16 p.m.12 views

DEBIAN-CVE-2026-48522

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen which uses Python stdlib's default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no...

4.2CVSS6AI score0.00181EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/05/28 3:0 p.m.14 views

CVE-2026-48522

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen which uses Python stdlib's default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no...

4.2CVSS6AI score0.00181EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.21 views

PT-2026-44472

Name of the Vulnerable Software and Affected Versions local-deep-research versions prior to 1.6.10 Description A logical flaw in the URL checking logic allows attackers to bypass security filters, leading to Server-Side Request Forgery SSRF. The software uses the validate url function to perform...

5CVSS6.1AI score0.00247EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.14 views

Debian dla-4604 : roundcube - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4604 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4604-1 [email protected]...

8.1CVSS6AI score0.00764EPSS
Exploits1References20
EUVD
EUVD
added 2026/05/27 5:9 p.m.15 views

EUVD-2026-32601

Budibase is an open-source low-code platform. Prior to 3.38.1, Budibase exposes a REST API for datasource management. The route PUT /api/datasources/:datasourceId is registered in the authorizedRoutes group with TABLE/READ permission. This is the same authorization level as the read endpoint GET...

8.8CVSS6AI score0.00251EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/27 4:50 p.m.10 views

CVE-2026-45061

Budibase is an open-source low-code platform. Prior to 3.35.10, the Plugin URL upload endpoint POST /api/plugin validates the submitted URL with a single substring check: url.includes".tar.gz". Any URL containing .tar.gz anywhere in the string — in the path, query string, or fragment — passes thi...

7.7CVSS5.8AI score0.00263EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/05/27 4:50 p.m.3 views

CVE-2026-45061 Budibase: SSRF via trivial `.tar.gz` substring bypass in Plugin URL upload (`/api/plugin`)

Budibase is an open-source low-code platform. Prior to 3.35.10, the Plugin URL upload endpoint POST /api/plugin validates the submitted URL with a single substring check: url.includes".tar.gz". Any URL containing .tar.gz anywhere in the string — in the path, query string, or fragment — passes thi...

7.7CVSS6AI score0.00263EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/27 2:43 p.m.13 views

EUVD-2026-32535

GuardDog is a CLI tool to identify malicious PyPI packages. From 1.0.0 to 2.9.0, the programmatic remote project scanning path rewrites attacker-controlled repository URLs using a blind string replacement and then sends the caller's GitHub credentials with the resulting request. This allows an...

8.2CVSS5.8AI score0.00198EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/27 1:1 p.m.18 views

Security Bulletin: Multiple Vulnerabilities affects IBM License Metric Tool v9

Summary Multiple vulnerabilities have been remediated in components used by IBM License Metric Tool Vulnerability Details CVEID:CVE-2025-14923 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application Server Liberty could provide weaker than...

9.8CVSS5.4AI score0.02298EPSS
Exploits1Affected Software1
NVD
NVD
added 2026/05/27 12:16 a.m.21 views

CVE-2026-8606

A Server-Side Request Forgery SSRF vulnerability was identified in GitHub Enterprise Server that allowed an attacker to cause the server to issue HTTP requests to internal services via the security advisories package lookup feature. By directing requests to an internal management service and...

7CVSS0.00386EPSS
Exploits0References6
CVE
CVE
added 2026/05/26 11:59 p.m.51 views

CVE-2026-8606

A Server-Side Request Forgery (SSRF) in GitHub Enterprise Server was exposed via the security advisories package lookup endpoint, allowing an attacker to issue HTTP requests to internal services. By directing requests to an internal management service and measuring response timing, an attacker co...

7CVSS5.8AI score0.00386EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/26 2:38 p.m.9 views

CVE-2026-40564

Files or Directories Accessible to External Parties, Server-Side Request Forgery SSRF vulnerability in Apache Flink Kubernetes Operator. The FlinkSessionJob jarURI is currently not validated so that it points to user-owned files or addresses. This lets a user with CR create permissions read files...

5.8AI score0.0049EPSS
Exploits3References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.17 views

PT-2026-43265

Name of the Vulnerable Software and Affected Versions Apache Flink Kubernetes Operator versions 1.3.0 through 1.14.x Description A Server-Side Request Forgery SSRF and local file access issue exists where the jarURI in FlinkSessionJob is not validated. This allows a user with CR create permission...

6.8CVSS5.8AI score0.0049EPSS
Exploits3References9
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.23 views

PT-2026-43433

Name of the Vulnerable Software and Affected Versions GitHub Enterprise Server versions prior to 3.21.1 Description A Server-Side Request Forgery SSRF allows an attacker to force the server to send HTTP requests to internal services through the security advisories package lookup feature. By...

7CVSS5.2AI score0.00386EPSS
Exploits0References9
Rows per page
Query Builder