10754 matches found
CVE-2026-0560
A Server-Side Request Forgery SSRF vulnerability exists in parisneo/lollms versions prior to 2.2.0, specifically in the /api/files/export-content endpoint. The downloadimagetotemp function in backend/routers/files.py fails to validate user-controlled URLs, allowing attackers to make arbitrary HTT...
CVE-2026-5126
A flaw has been found in SourceCodester RSS Feed Parser 1.0. Affected by this issue is the function filegetcontents. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been published and may be used...
GHSA-VR79-8M62-WH98 FHIR Validator HTTP service has SSRF via /loadIG Chains with startsWith() Credential Leak for Authentication Token Theft
Summary The FHIR Validator HTTP service exposes an unauthenticated /loadIG endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined with a startsWith URL prefix matching flaw in the credential provider ManagedWebAccessUtils.getServer, an attacker can steal authentication...
Docker Model Runner OCI Registry Client Vulnerable to Server-Side Request Forgery (SSRF)
Summary Docker Model Runner contains an SSRF vulnerability in its OCI registry token exchange flow. When pulling a model, Model Runner follows the realm URL from the registry's WWW-Authenticate header without validating the scheme, hostname, or IP range. A malicious OCI registry can set the realm...
CVE-2026-0560 Server-Side Request Forgery (SSRF) in parisneo/lollms
A Server-Side Request Forgery SSRF vulnerability exists in parisneo/lollms versions prior to 2.2.0, specifically in the /api/files/export-content endpoint. The downloadimagetotemp function in backend/routers/files.py fails to validate user-controlled URLs, allowing attackers to make arbitrary HTT...
arkadiyt-projects: SSRF Filter Bypass via Unblocked NAT64 Local-Use IPv6 Prefix (64:ff9b:1::/48)
A vulnerability was discovered in the ssrffilter library version 1.3.0. The library failed to block the NAT64 local-use IPv6 prefix 64:ff9b:1::/48, allowing such addresses to be treated as public. This enabled SSRF requests through /fetch to targets encoded under that prefix when routable in the...
CVE-2026-33693
Lemmy is a link aggregator and forum for the fediverse. Prior to version 0.7.0-beta.9, the v4isinvalid function in activitypub-federation-rust src/utils.rs does not check for Ipv4Addr::UNSPECIFIED 0.0.0.0. An unauthenticated attacker controlling a remote domain can point it to 0.0.0.0, bypass the...
CVE-2026-33644
Lychee is a free, open-source photo-management tool. Prior to version 7.5.2, the SSRF protection in PhotoUrlRule.php can be bypassed using DNS rebinding. The IP validation check line 86-89 only activates when the hostname is an IP address. When a domain name is used, filtervar$host,...
CVE-2026-33953
CVE-2026-33953 (LinkAce) : The SSRF protection in LinkAce can be bypassed via internal hostname resolution. In versions prior to 2.5.3, direct requests to private IP literals are blocked, but server-side requests to internal resources can still be triggered when those resources are referenced thr...
CVE-2026-31945
LibreChat (versions 0.8.2-rc2 to 0.8.2) is vulnerable to SSRF via DNS resolution in agent actions or MCP. The issue arises because prior fixes only added hostname validation and do not verify whether DNS results map to private IPs, allowing access to internal resources (e.g., internal RAG API or ...
EUVD-2026-16765
LibreChat is a ChatGPT clone with additional features. Versions 0.8.2-rc2 through 0.8.2 are vulnerable to a server-side request forgery SSRF attack when using agent actions or MCP. Although a previous SSRF vulnerability...
CVE-2026-31943 LibreChat has SSRF protection bypass via IPv4-mapped IPv6 normalization in isPrivateIP
LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.3, isPrivateIP in packages/api/src/auth/domain.ts fails to detect IPv4-mapped IPv6 addresses in their hex-normalized form, allowing any authenticated user to bypass SSRF protection and make the server issue HTTP requests ...
CVE-2026-31943 LibreChat has SSRF protection bypass via IPv4-mapped IPv6 normalization in isPrivateIP
LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.3, isPrivateIP in packages/api/src/auth/domain.ts fails to detect IPv4-mapped IPv6 addresses in their hex-normalized form, allowing any authenticated user to bypass SSRF protection and make the server issue HTTP requests ...
CVE-2026-31943
LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.3, isPrivateIP in packages/api/src/auth/domain.ts fails to detect IPv4-mapped IPv6 addresses in their hex-normalized form, allowing any authenticated user to bypass SSRF protection and make the server issue HTTP requests ...
CVE-2026-31943 LibreChat has SSRF protection bypass via IPv4-mapped IPv6 normalization in isPrivateIP
LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.3, isPrivateIP in packages/api/src/auth/domain.ts fails to detect IPv4-mapped IPv6 addresses in their hex-normalized form, allowing any authenticated user to bypass SSRF protection and make the server issue HTTP requests ...
CVE-2026-33766
WWBN AVideo is an open source video platform. In versions up to and including 26.0, isSSRFSafeURL validates URLs against private/reserved IP ranges before fetching, but urlgetcontents follows HTTP redirects without re-validating the redirect target. An attacker can bypass SSRF protection by...
CVE-2026-33766 AVideo has SSRF Protection Bypass via HTTP Redirect in Image Download Endpoints
WWBN AVideo is an open source video platform. In versions up to and including 26.0, isSSRFSafeURL validates URLs against private/reserved IP ranges before fetching, but urlgetcontents follows HTTP redirects without re-validating the redirect target. An attacker can bypass SSRF protection by...
EUVD-2026-16652
WWBN AVideo is an open source video platform. In versions up to and including 26.0, isSSRFSafeURL validates URLs against private/reserved IP ranges before fetching, but urlgetcontents follows HTTP redirects without re-validating the redirect target. An attacker can bypass SSRF protection by...
CVE-2021-27670
Appspace 6.2.4 allows SSRF via the api/v1/core/proxy/jsonprequest url parameter...
GHSA-MHRG-94VW-45C5 Spring AI: Insufficient Validation causes SSRF when processing multimodal messages with user-supplied URLs
Spring AI's spring-ai-bedrock-converse contains a Server-Side Request Forgery SSRF vulnerability in BedrockProxyChatModel when processing multimodal messages that include user-supplied media URLs. Insufficient validation of those URLs allows an attacker to induce the server to issue HTTP requests...