Lucene search
K

10756 matches found

GithubExploit
GithubExploit
added 2026/06/05 9:5 a.m.76 views

Exploit for Server-Side Request Forgery in Apeworx Web3.Py

CVE-2026-40072 SSRF Lab Hands-on local lab to demonstrate CVE...

7.2CVSS5.5AI score0.00228EPSS
Exploits2
NVD
NVD
added 2026/06/04 4:16 p.m.10 views

CVE-2026-43986

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose a public /image/ route that resolves attacker-controlled entries from imagehashlookup and replays them through the same server-side image fetch logic used by authenticated image proxying...

9.9CVSS0.00262EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/04 2:33 p.m.8 views

CVE-2026-43986 Tautulli vulnerable to unauthenticated SSRF in /image/<hash> via attacker-seeded image hash replay

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose a public /image/ route that resolves attacker-controlled entries from imagehashlookup and replays them through the same server-side image fetch logic used by authenticated image proxying...

9.9CVSS5.9AI score0.00262EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/03 9:16 p.m.13 views

Docling Core: Unsafe remote filename resolution

Impact In versions = 1.5.0, = 2.74.1 Workarounds If upgrading is not immediately possible, avoid passing untrusted URLs into remote fetch functionality. References - Fix release: v2.74.1...

5.8AI score0.00055EPSS
Exploits0References3Affected Software1
Atlassian
Atlassian
added 2026/06/03 4:30 p.m.5 views

SSRF (Server-Side Request Forgery) axios Dependency in Jira Software Data Center

This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity SSRF Server-Side Request Forgery vulnerability was introduced in versions 9.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0,...

9.9CVSS5.3AI score0.01186EPSS
Exploits1
EUVD
EUVD
added 2026/06/03 12:30 a.m.11 views

EUVD-2026-34053

A vulnerability was identified in wonderwhy-er DesktopCommanderMCP 0.2.37. This affects the function readFileFromUrl of the file src/tools/filesystem.ts of the component readfile. Such manipulation of the argument url leads to server-side request forgery. The attack may be performed from remote...

6.5CVSS6.2AI score0.00209EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.10 views

PT-2026-46123

Name of the Vulnerable Software and Affected Versions docling-core versions 1.5.0 through 2.74.0 Description The software does not sufficiently restrict remote request destinations and can resolve a server-provided Content-Disposition to a local path in an unsafe manner. In applications that acce...

8.6CVSS5.8AI score0.00055EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.16 views

PT-2026-46127

Name of the Vulnerable Software and Affected Versions Docling versions prior to 2.94.0 Description The HTML backend fails to perform sufficient validation during resource handling. This allows local file system access via file:// URIs when enable local fetch is set to True, and enables path...

7.1CVSS5.8AI score0.00217EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/02 6:5 p.m.6 views

CVE-2026-49120 Medplum < 5.1.14 SSRF via FHIR Subscription Endpoint

Medplum before 5.1.14 contains a server-side request forgery vulnerability in the subscription worker that allows authenticated users to perform unauthorized internal network requests by creating FHIR Subscription resources with arbitrary endpoint URLs. Attackers can point subscription endpoints ...

8.5CVSS6AI score0.00229EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.11 views

CVE-2026-40564

Files or Directories Accessible to External Parties, Server-Side Request Forgery SSRF vulnerability in Apache Flink Kubernetes Operator. The FlinkSessionJob jarURI is currently not validated so that it points to user-owned files or addresses. This lets a user with CR create permissions read files...

6.5CVSS5.8AI score0.0049EPSS
Exploits3References1
Vulnrichment
Vulnrichment
added 2026/06/02 11:13 a.m.8 views

CVE-2026-8993 Improper URL Handler Processing in D.Launcher 2 enables NTLM Credential Disclosure and SSRF attacks

D.Launcher 2 component of Slovak eID client ecosystem contains Improper URL Handler Processing vulnerability. Application registers multiple custom URL handlers that could be exploited to initiate full NTLM autentication or SMB connection to attacker infrastructure and to conduct SSRF Server Side...

6.5CVSS5.8AI score0.00225EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/02 2:45 a.m.14 views

EUVD-2026-33879

A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.11.3. Affected by this issue is the function Import of the file internal/http/ttsconfig.go of the component TTS Configuration Endpoint. The manipulation leads to server-side request forgery. It is possible to initiate t...

5.8CVSS5.4AI score0.00227EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.10 views

openSUSE 16 Security Update : roundcubemail (openSUSE-SU-2026:20852-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20852-1 advisory. Changes in roundcubemail: - update to 1.6.16 - Fix potential too long value in IMAP ID command 10136 - Security: Fix stored XSS/HTML/CSS injecti...

8.1CVSS6AI score0.00764EPSS
Exploits1References24
CVE
CVE
added 2026/06/01 7:45 p.m.20 views

CVE-2026-10287

The vulnerability affects SourceCodester SEO Meta Tag Extractor 1.0, specifically the get_headers function in /index.php. The issue arises from manipulating the url parameter, enabling server-side request forgery (SSRF) that can be initiated remotely. Exploit details have been publicly disclosed....

7.5CVSS5.6AI score0.00294EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 7:24 p.m.9 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in axios-1.12.2.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerability in axios-1.12.2.tgz Vulnerability Details CVEID:CVE-2025-62718 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 and 0.31.0, Axios does not correctly handle hostname normalization when...

9.9CVSS5.8AI score0.01186EPSS
Exploits1Affected Software1
NVD
NVD
added 2026/06/01 7:16 p.m.11 views

CVE-2026-10280

A security flaw has been discovered in horizon921 mcpilot 0.1.0. The impacted element is an unknown function of the file client/src/app/api/mcp/call/route.ts of the component MCP API Call Endpoint. The manipulation of the argument serverBaseUrl results in server-side request forgery. The attack c...

7.5CVSS0.00305EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/01 8:30 a.m.10 views

CVE-2026-10241

A security flaw has been discovered in jeecgboot The server processes these URLs up to 3.9.1. This affects the function FileDownloadUtils.download2DiskFromNet of the file /airag/app/debug of the component Cloud Instance Metadata Endpoint. The manipulation results in server-side request forgery. T...

6.5CVSS6.2AI score0.0027EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/01 8:15 a.m.9 views

CVE-2026-10240

A vulnerability was identified in JeecgBoot up to 3.9.2. The impacted element is an unknown function of the file /airag/airagModel/test. The manipulation of the argument baseUrl leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit is publicly...

6.5CVSS6.3AI score0.0027EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/01 7:56 a.m.33 views

CVE-2026-10517 Clair: clair: unauthenticated ssrf via manifest layer uri enables internal network reconnaissance

A flaw was found in Clair. The fetcher component makes outbound HTTP requests to attacker-supplied URIs from manifest layer descriptors without IP or scheme filtering. When PSK authentication is not configured opt-in, not enforced by default, an unauthenticated attacker can submit a manifest with...

5.8CVSS0.00292EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/01 7:56 a.m.9 views

CVE-2026-10517

A flaw was found in Clair. The fetcher component makes outbound HTTP requests to attacker-supplied URIs from manifest layer descriptors without IP or scheme filtering. When PSK authentication is not configured opt-in, not enforced by default, an unauthenticated attacker can submit a manifest with...

5.8CVSS5.7AI score0.00292EPSS
Exploits0References2
Rows per page
Query Builder